Tag Archives: physical security

Does Your Alarm Have a Default Duress Code?

Brian Krebs, on his website Krebs on Security, wrote a great article on how alarm systems can have a default duress code:

Sometimes it takes a security scare to help improve your overall security posture. Case in point: Over the holidays, I learned that our alarm system — one of the most widely used home security systems in America — contains a default code that disables the alarm. Although entering this code simultaneously alerts the police that an intruder is in the house, it also could give thieves just enough time to get away with your valuables without alerting the neighbors.

Over the holidays, I lost my keychain. On said chain was a very expensive key fob for unlocking and starting our car, the keys to our front door, and a remote control that arms and disarms the alarm system. For several days, the wife and I searched frantically and repeatedly for the keys. Needless to say, I didn’t leave the house the whole time. In the hopes of perhaps disabling the alarm keyfob myself, I downloaded the user manual for my alarm system (a Safewatch Pro 3000), but I could not figure out a way to complete the process.

After the fourth day of failing to locate the missing keys, we decided it was time to call a locksmith and ADT, our alarm company. The ADT technician arrived promptly and was extremely fast, courteous and helpful. But he said he couldn’t remove the fob without plugging in an external keyboard that he had on hand.

As he worked, I asked him about a feature of the alarm system that I’d read about in the manual: A duress code. Simply put, a duress code is a secondary, covert signal designed to be entered on the alarm keypad in the event that an attacker or robber ambushes you at home and forces you to disarm the system. A duress code will appear to disarm the system, but it will also send a silent panic alert to the ADT monitoring station that a potentially hostile intruder has entered the home.

I asked the technician how difficult it would be to set up a duress code for my system. He informed me that there was already one programmed into my unit, and that ADT technicians routinely set all systems like mine with the same default duress code: 2-5-8-0, the four digits that run straight down the middle of the keypad.

My temporary shock was interrupted by a phone call, and before I knew it the technician was done and heading to his next appointment. Later that evening, several Internet searches confirmed the technician’s statement. Thankfully, ADT helped me change the code to one of my choosing, but it took some trial and error via ADT’s phone support staff. The ADT support lady told me that my alarm panel indeed was supposed to be configured by the technician with a duress code of 2-5-8-0.


Filed under Penetration / Hacking, Physical Security

Building an Active Identity HID Global Two-Factor Card Authentication Lab : ActivID CMS Overview

Many of our customers are investing in multi-factor authentication solutions. The multi-factor industry offers a range of options such as physical cards, certificates and tokens that represent “Something you have”, combined with a PIN, password or security phrase that is “Something you know”. An upcoming multi-factor technology is biometrics, representing “Something you are”; however, it’s not as common as having and knowing something. DoD has standardized on Common Access Cards (CAC), while civilian agencies tend to use Personal Identification Verification (PIV) cards for accessing systems and secured areas. Both card solutions use similar smart card technology; however, things like the Certificate Authority and what is printed on the cards differ between organizations.

Customers ask my team to provide security demonstrations and often ask whether the solution being showcased is CAC / PIV / smart card capable. There are a few players in the CAC / PIV / smart card market. One we like is Active Identity (now part of HID Global). Active Identity offers many multi-factor authentication solutions, including CAC / PIV and smart card packages that range from the HID reader to the card management system. Active Identity’s flagship card management solution is ActivID CMS, which is a web-based application using Apache Tomcat and IIS. Active Identity does not provide a Certificate Authority (CA) for generating certificates or a Hardware Security Module (HSM) for storing master keys; however, a lab can work without these.

For those who want to build a CAC / PIV / smart card lab, go to Active Identity’s demo download page found HERE and download the latest ActivID CMS. I’m running ActivID CMS in my lab using VMware Workstation on a standard Windows laptop. There are a lot of steps in the install guide, so make sure to download that as well. To summarize the installation steps, you will need to do the following:


Filed under Physical Security

Lock Picking Tools : How Much Skill Do You Really Need? Bump Keys, Lock Picks, Lock Guns

Lock picking tools have made lots of noise with the theme “anybody can use lock picking tools to break into your house”. There are segments about lock picking on popular TV news shows, in movies (for example, The Next Three Days) and on websites, scaring people like my Mom, who called me after seeing something like this (news example HERE). For more information on lock picking, go to an older post found HERE.

I have acquired different lock picking tools over the course of my career but have not spent time mastering the art of lock picking. For those that don’t know, lock picking is an art similar to solving puzzles. There is a competitive lock picking scene that takes lock picking skills beyond those of the typical professional locksmith. My question, however, is about the average joe criminal, as specified in some of the advertisements for lock picking tools. How easy is it to break into a house with commercial lock picking tools? Can anybody just buy a lock picking solution and walk into a stranger’s house? Let’s find out.

The Door :

I had a friend volunteer his backdoor locks. His door has two locks which are a commercial Padlock and Deadbolt. The locks were installed by a licensed locksmith. Consider this a representation of a typical residential door.

Method 1: Using Standard Lock Pick Kit


Filed under Physical Security

Locks Keep the Honest People Out: How the Bad Guys Break In | lock picking.

People lock their doors at night and feel protected from criminals. The scary thing most people are not aware of is that locks are easy to bypass with inexpensive tools. You may think these tools are hard to obtain; however, I watch lock pick kits sell out at security conferences each year with attendance in the thousands. If you search the Internet for terms like “lock picking, bump keys or impressioning” you’ll find hundreds of results, including video tutorials. It’s not hard for criminals to break into doors and safes. In most cases, they can do it in under a minute without leaving behind evidence the average user will notice.

Inside a common lock
The first thing you should understand is the basic concept of most locks. Common door locks contain components that sit out of line until a key is inserted. Once the components are lined up, the lock can be opened. Most lock picking relies on two tools to bypass this system. One tool applies tension to the lock while the second tool moves the plug, bolt or other components into position. Once the attacker properly positions the components, the lock can be opened.

Picture of two lock picking tools I purchased at a conference for under $20
Another way attackers could bypass a common pin-tumbler lock is using a bump key. The concept uses a modified key that has cuts at their lowest depths. Attackers use a bump hammer on the inserted key by lightly tapping and applying tension. This causes kinetic energy to travel from the key to the top pins causing these pins to jump. If all top pins jump above the shear-line, the lock will open. I’ve gotten this to work with the back of a rubber screwdriver handle but it took lots of attempts.

Picture of bump keys I picked up for under $20.
Impressioning is a way to develop a permanent working key. One way this could be done is using a blank key by inserting it into a lock and applying lots of torque. The lock’s pins will leave marks on the blank key giving away their positions. The attacker can file down those locations and continue the process until the key opens the lock. This may sound time consuming however a German speaker at the 2011 Defcon conference opened an average lock using this technique in 30 seconds. Blank keys for common locks can be purchased in bulk for very little.

There are more professional ways to beat locks, such as using pin guns, molding or bypassing the lock (i.e., using the old credit card), that I’m not covering. Many enthusiasts consider lock picking a hobby where locks are like puzzles to be beaten and understood. I’m not skilled in this art, yet with cheap tools I have opened locks at conferences and other approved locations. Your best bet is to continue to use locks along with a detection defense such as an alarm or surveillance system. My neighbor relies on his dog and shotgun, which is just as effective.


Filed under Physical Security