Monday, July 12, 2010

TRAINING: Lockpicking, From Novice to Master in Two Days

Again on this edition, Deviant Ollam will present the "Lockpicking, From Novice to Master in Two Days" training!


More information here.


TITLE:
Lockpicking, From Novice to Master in Two Days

OVERVIEW:
Physical security is an oft-overlooked component of data and system security in the technology world. While frequently forgotten, it is no less critical than timely patches, appropriate password policies, and proper user permissions. You can have the most hardened servers and network but that doesn't make the slightest difference if someone can gain direct access to a keyboard or, worse yet, march your hardware right out the door.


TOPICS:
* The Basic Pin Tumbler Design - 90% of your doors are unsafe
* Combination Locks - open in 30 seconds with a beer can, or in 10 minutes with no tools at all
* Warded Lock Bypassing - yes, skeleton keys DO exist.
* Tubular Lock Picking - does your elevator restrict access to specific floors? Think again.
* Wafer Locks - is there anything of value in your desks, access panels & cars?
* Handcuffs & Gun Locks - physical security at its most basic.
* Bump Keying - the newly-publicized threat... who is addressing it and who is only paying lip service.
* Picking High Security Pins - with a steady hand, this is possible. You will learn how.
* Advanced Sidebar Functionality - how PROPER high-security locks function.
* Concerns for Large Institutions - master keying, fire codes, and emergency access... comply with the law without sacrificing security.
* Electronic Locks - just because there are wires and circuits doesn't mean there's security.
* Electronic Access Control Systems - how to tell a robust and strong RFID/Prox/SmartCard HID system from a poor one.
* Infrastructure Security - augmenting your physical locks and access controls with proper building design.
* Forensics After a Break-In - don't make mistakes that can result in denial of thousands in insurance coverage.
* Acquiring Your Own Tools - we'll give you a starter kit in this course, but in case you want additional tools, we will also cover the best (and most economical) sources for hardware.

YOU'LL LEARN:
Those who attend this session will leave with a full awareness of how to best protect buildings and grounds from unauthorized access. Attendees will not only learn how to distinguish good locks and access control from poor ones, but will also become well-versed in picking and bypassing many of the most common locks used in North America... convince management that a new investment is necessary by showing them yourself how the server room door can be opened without a key in under a
minute!

PREREQUISITES/REQUIRED MATERIALS:
None. If you have your own lockpicks, you are welcome to bring them, but this is not necessary. A set of lockpicking tools will be provided to you as part of the course.

COURSE LENGHT:
Two days. All course materials, lunch and two coffee breaks will be provided. A Certificate of Completion will be offered.


TRAINER: Deviant Ollam
While paying the bills as a security auditor and penetration testing consultant with The CORE Group, Deviant Ollam is also a published author and member of the Board of Directors of the US division of TOOOL, The Open Organisation of Lockpickers. Every year at DEFCON and ShmooCon, Deviant runs the Lockpick Village, and he has conducted physical security training sessions at Black Hat, DeepSec, ToorCon, HackCon, ShakaCon, HackInTheBox, CanSecWest, ekoparty, and the United States Military Academy at West Point.

1 comment: