Part 1: Most admins will agree that users tend to be the weakest link in the maintenance of security in an environment. People are easily manipulated by their very nature. Social Engineering techniques are used on us every day, and I will demonstrate how you can turn the tables and use those same ideas to exploit human weakness and gain access. I will discuss and demonstrate some basic psychology, social engineering theory and actual implementation at several levels: Remote interaction, Indirect manipulation, and Mano-a-Mano engineering. I will also discuss some defense against these attacks through the use of effective policies and awareness training.
CarolinaCon is an annual conference in North Carolina that is dedicated to sharing knowledge about technology, security and information rights. CarolinaCon also serves to enhance the local and international awareness of current technology related issues and developments. CarolinaCon also strives to mix in enough entertainment and side contests/challenges to make for a truly fun event.