Practical Alarm System Bypass for Security Professionals
Over the past several decades most alarm installations have stayed the same more than they have changed. Advancements in physical intrusion detection technologies have produced promising results, but adoption has been generally restricted to government and high-security installations. As a result, most alarm systems installed today remain vulnerable to a variety of attacks and weaknesses. While some research has been performed regarding these systems, the operational information about them is scarce and sometimes incorrect. As a result, the modern security professional has had few resources available for adequately auditing many alarm installations.
From server racks to commercial installations, many alarm systems in use today remain highly vulnerable to malicious tampering and bypass.
Designed for security professionals with no alarm experience, this training will review past and present alarm system architecture, it’s design elements, associated sensors, and methods for their defeat. Both wired and wireless technologies will be discussed, and students will receive extensive hands-on experience with alarm hardware, sensors, and defeat tools.
Students completing the course will have a more comprehensive understanding of how alarms are designed to be used, how they are defeated, and methods that may be used to enhance attack-resistance.
- Alarm History: Past and Present
- Modern Alarm Systems
- Alarm Hardware Overview
- System Design and Architecture
- Wired Bus Protocol Overview
- Bus Accessories and Hardware Overview
- Hardwired Alarm Zone Overview
- Wireless Zone Overview
- Wi-Fi and Cellular Bridges
- Common Sensor Types
- Common Sensor Placement: Good, Bad, and Ugly
- Architectural Weaknesses in Alarm Systems
- Design and Installation Problems
- Weaknesses and Bypass Methods for Hardwired Zones
- Weaknesses and Bypass Methods for Wireless Zones
- Sensor Jamming and Spoofing
- Proper Installation Guidelines
- Wireless Zone Risk Reduction Methods
- Understanding System Weaknesses
- Preventing Physical Access to Critical Alarm Infrastructure
- No prior alarm or hardware experience is necessary
- Students should bring a laptop or notebook computer capable of running a VMware image with the necessary tools
Babak Javadi Security Researcher, Red Team Alliance / The CORE Group
Drew Porter , Red Team Alliance / Red Mesa