Unauthorised Access and over 2 million other books are available for Amazon Kindle . Learn more


or
Sign in to turn on 1-Click ordering.
Trade in Yours
For a £4.83 Gift Card
Trade in
More Buying Choices
Have one to sell? Sell yours here
Sorry, this item is not available in
Image not available for
Colour:
Image not available

 
Start reading Unauthorised Access on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Unauthorised Access: Physical Penetration Testing for IT Security Teams [Paperback]

Kevin Mitnick , Wil Allsopp
5.0 out of 5 stars  See all reviews (2 customer reviews)
RRP: £27.99
Price: £22.10 & FREE Delivery in the UK. Details
You Save: £5.89 (21%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Only 4 left in stock (more on the way).
Dispatched from and sold by Amazon. Gift-wrap available.
Want it tomorrow, 21 Sep.? Choose Express delivery at checkout. Details

Formats

Amazon Price New from Used from
Kindle Edition £17.30  
Paperback £22.10  
Trade In this Item for up to £4.83
Trade in Unauthorised Access: Physical Penetration Testing for IT Security Teams for an Amazon Gift Card of up to £4.83, which you can then spend on millions of items across the site. Trade-in values may vary (terms apply). Learn more

Book Description

7 Aug 2009
The first guide to planning and performing a physical penetration test on your computer′s security Most IT security teams concentrate on keeping networks and systems safe from attacks from the outside–but what if your attacker was on the inside? While nearly all IT teams perform a variety of network and application penetration testing procedures, an audit and test of the physical location has not been as prevalent. IT teams are now increasingly requesting physical penetration tests, but there is little available in terms of training. The goal of the test is to demonstrate any deficiencies in operating procedures concerning physical security. Featuring a Foreword written by world–renowned hacker Kevin D. Mitnick and lead author of The Art of Intrusion and The Art of Deception , this book is the first guide to planning and performing a physical penetration test. Inside, IT security expert Wil Allsopp guides you through the entire process from gathering intelligence, getting inside, dealing with threats, staying hidden (often in plain sight), and getting access to networks and data. Teaches IT security teams how to break into their own facility in order to defend against such attacks, which is often overlooked by IT security teams but is of critical importance Deals with intelligence gathering, such as getting access building blueprints and satellite imagery, hacking security cameras, planting bugs, and eavesdropping on security channels Includes safeguards for consultants paid to probe facilities unbeknown to staff Covers preparing the report and presenting it to management In order to defend data, you need to think like a thief–let Unauthorised Access show you how to get inside.

Frequently Bought Together

Unauthorised Access: Physical Penetration Testing for IT Security Teams + Social Engineering: The Art of Human Hacking + The Art of Deception: Controlling the Human Element of Security
Price For All Three: £45.40

Buy the selected items together


Product details

  • Paperback: 302 pages
  • Publisher: John Wiley & Sons; 1 edition (7 Aug 2009)
  • Language: English
  • ISBN-10: 0470747617
  • ISBN-13: 978-0470747612
  • Product Dimensions: 23 x 19 x 2 cm
  • Average Customer Review: 5.0 out of 5 stars  See all reviews (2 customer reviews)
  • Amazon Bestsellers Rank: 166,846 in Books (See Top 100 in Books)
  • See Complete Table of Contents

More About the Author

Discover books, learn about writers, and more.

Product Description

From the Back Cover

In this book Wil Allsopp has created a thorough reference for those looking to advance into the area of physical penetration testing. The book also serves as a guidebook for in–house security managers seeking to institute better policy safeguards.” – From the Foreword, by Kevin Mitnick Most IT security teams concentrate on keeping networks and systems safe from the outside – usually with the entire focus on firewalls, server configuration, application security, intrusion detection systems, and the like. But what if your attacker was on the inside? What if they were sitting at an employee’s computer, or placing a wireless access point hidden in a wiring closet or even roaming inside your server room? Unauthorised Access provides the first guide to planning and performing physical penetration tests. Inside, IT security expert Wil Allsopp guides you through the entire process from gathering intelligence, getting inside, dealing with threats, staying hidden (often in plain sight) and getting access to networks and data. Learn to think like an attacker with topics that include: Types of target vs level of anticipated response  Dealing with guards  Intelligence tradecraft, satellite imagery and in depth information gathering  Planting bugs and covert wireless access points  Hacking security cameras  Strategic, tactical and operational planning  Defeating locks, electronic keypads and other electronic access systems  Social engineering – the weakest link  Using your “Get Out of Jail Free” card  Complying with local laws  Attacking wireless networks

Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index
Search inside this book:


Customer Reviews

4 star
0
3 star
0
2 star
0
1 star
0
5.0 out of 5 stars
5.0 out of 5 stars
Most Helpful Customer Reviews
8 of 8 people found the following review helpful
5.0 out of 5 stars Best security book 2009 11 Aug 2009
Format:Paperback
Unauthorised Access is nothing short of a manual for corporate espionage. Author Wil Allsopp, is a "penetration tester", a hired gun brought in by companies to find out how effective the security defences protecting their premises are.

While conventional penetration testing ("pentesting") involves remote hacking, typically through software vulnerabilities, physical pen-testers gain access to a company's offices or data centre with the goal of connecting to a restricted network, planting a bug or even an imitation explosive device

With ten years experience as a pen-tester, Allsopp offers superb insight into common methods used by criminals to manipulate employees, from phone calls to outright espionage. The chapter on social engineering, in particular, is guaranteed to spark paranoia and sleepless nights among even the most grizzled chief security officers.

Specific tactics he reveals include employing politeness, inducing fear, faking supplication, invoking authority, ingratiation and deference, and even sexual manipulation.

Another chapter details several successful pen-tests conducted by Allsopp and his team, including attacks on a UK power plant and a supercomputing facility conducting spatial modelling of nuclear explosions for the military. He also describes the antics of a pentester who bypassed the security of a large corporate by observing the uniform of the firm's security guard, then showing up the next day in identical costume, pulling rank and relieving the man of duty

The enjoyment Allsopp clearly derives from his work is reflected in his book; he writes with that particular tone of repressed glee common among white hat hackers.
Read more ›
Comment | 
Was this review helpful to you?
4 of 4 people found the following review helpful
5.0 out of 5 stars Informative, well structured and gripping read 20 Jan 2011
Format:Paperback
This book is written from the perspective of a penetration tester, a security professional hired to "break-in" to companies to test their physical and IT security. To summarise, this book is fantastic. It is packed full of great practical information with no wasted narrative. Inside you will find chapters on social engineering, bypassing the security/reception areas of buildings, lockpicking, wireless hacking and lots, lots more. Throughout, the author provides step by step instructions and what tools or software are needed at various stages (he even provides all the links to download them). This is nothing short of a bible on penetration testing. Because of the sheer amount of information packed into the book, it might not go into the depth of detail you are interested in but it will definitely motivate you to find out more about the area that interests you. Near the end of the book, the author even gives some real world examples of some "jobs" he undertook and the challenges he faced at every turn. These were fascinating examples of real world scenarios showing that the penetration tester used a combination of social engineering, hacking and physical breaking and entering to achieve his goal. This one is staying on my shelf as a nice reference manual. A definite must for anyone interested in physical or IT security, auditing or someone interested in getting into the security industry.
Comment | 
Was this review helpful to you?
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.5 out of 5 stars  8 reviews
6 of 7 people found the following review helpful
5.0 out of 5 stars Best security book of 2009 6 Nov 2009
By Lev Eriksson - Published on Amazon.com
Format:Paperback
Unauthorised Access is nothing short of a manual for corporate espionage. Author Wil Allsopp, is a "penetration tester", a hired gun brought in by companies to find out how effective the security defences protecting their premises are.

While conventional penetration testing ("pentesting") involves remote hacking, typically through software vulnerabilities, physical pen-testers gain access to a company's offices or data centre with the goal of connecting to a restricted network, planting a bug or even an imitation explosive device

With ten years experience as a pen-tester, Allsopp offers superb insight into common methods used by criminals to manipulate employees, from phone calls to outright espionage. The chapter on social engineering, in particular, is guaranteed to spark paranoia and sleepless nights among even the most grizzled chief security officers.

Specific tactics he reveals include employing politeness, inducing fear, faking supplication, invoking authority, ingratiation and deference, and even sexual manipulation.

Another chapter details several successful pen-tests conducted by Allsopp and his team, including attacks on a UK power plant and a supercomputing facility conducting spatial modelling of nuclear explosions for the military. He also describes the antics of a pentester who bypassed the security of a large corporate by observing the uniform of the firm's security guard, then showing up the next day in identical costume, pulling rank and relieving the man of duty

The enjoyment Allsopp clearly derives from his work is reflected in his book; he writes with that particular tone of repressed glee common among white hat hackers. This, together with his tendency to adopt a Boy's Own adventure narrative style, makes the book very readable but occasionally somewhat glib. And at times it is hard to tell whether Allsopp is offering advice to the CSO, helping the reader start their own pen-testing company or trying to prove to a less salubrious readership how clever he is.

Indeed, many of the techniques described in Unauthorised Access are open to abuse. Allsopp gives the excuse that "the bad guys already know", before urging the reader to consider taking up lock picking as a rewarding hobby.
3 of 3 people found the following review helpful
5.0 out of 5 stars Solid overview 17 Sep 2010
By Loose Deuce - Published on Amazon.com
Format:Paperback|Verified Purchase
A good, solid intro to penetration testing. Obviously each aspect of penetration testing deserves its own separate book, but I won't penalize the book for that. I enjoyed it.
3 of 3 people found the following review helpful
5.0 out of 5 stars Great book. Very informative. 22 July 2010
By Westin - Published on Amazon.com
Format:Paperback
As the author notes several times throughout the book, this work is not exhaustive on any one subject. It does, however, provide a very nice overview of penetration testing as a whole. It covers several aspects that I wouldn't have thought of.

As a systems administrator, I bought this book to get some ideas about weak points in our network/physical security. After reading through some of the examples and case studies, I have made some changes that I think will go a long way in beefing up our security.

I would definitely recommend reading this book if you have any interest in IT/Physical security.
1 of 1 people found the following review helpful
4.0 out of 5 stars Excellent hard-to-find information 29 Nov 2012
By Jordan - Published on Amazon.com
Format:Paperback|Verified Purchase
It's hard to find information like this anywhere else. The book is very organized, and is a good place to turn for security administrators and penetration testers alike.

A little of the information seems outdated however. I've been looking for the Icom IC-R3 described in the book, as it would provide very useful to my job. The only place I've seen it is Ebay, and I'd rather not buy things from Ebay. If anybody knows where to get one, please leave a comment. Thanks!
4.0 out of 5 stars Good for Cyber Security professionals or wanna-be's 16 July 2013
By Z. Meadows - Published on Amazon.com
Format:Paperback|Verified Purchase
Wil brings to the table a very knowledgeable and down to earth approach on the needs for Cyber-security. He does NOT go in depth, but that is just fine, because he peeks your interest to learn more from other resources or gets you prepared to understand the basics of cyber-security. A good purchase; well worth the price.
Were these reviews helpful?   Let us know
Search Customer Reviews
Only search this product's reviews

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
Topic:
First post:
Prompts for sign-in
 

Search Customer Discussions
Search all Amazon discussions
   


Look for similar items by category


Feedback