Social engineering rocks


I just read this funny story about how to stop P2P user utilizing all the public bandwidth in the hotel. Just read the conversation between “Eric Smith” and “me”:

Me: Eric Smith?

Eric: Uhh, yeah?

Me: My name is Jim Grant, and I’m an investigator with the RIAA. Have you heard of us?

Eric: Uhhhhh… What does that stand for?

Me: Recording Industry Association of America. We represent several large record companies. In monitoring several p2p file-sharing networks, we have found that you Eric, are currently downloading copyrighted material. Are you aware that this is illegal?

Eric: Ummm. my laptop is off. (At this point, I no longer see him on the network)

Me: We are in the process of filing 18182 lawsuits against people who steal copyrighted music on the internet. We will continue monitoring these networks, and if we see you on them again, you will hear back from us.

Eric: Ok, thanks. Bye.

The author take another approach, social engineering to solve this problem. We would discuss more about the geek’s traditional approaches like ntop, arp poisoning, raw packet injection etc. later.