Albert van Harten, What The Hack Aps

I also know the Danish snatching mentality. In my opinion, not the way to go.

Sure - huge concerns owned by companies in other countries - they know. Yes, I know Datatilsynet 🙂

Sure, Hamlet isn't always right. However, I've been living in Denmark in the past 20 years and I see what I see 🙂 But's not discuss that. I am going to show them, that they have to disconnect unused ports. Simply because of very low practical security problems: Low risk: I can print on their printers (recently, I logged on to the guest network of a public library. They are having a printer which can be used by citizens, when they pay a little amount using a service called Princh. However, I could see the IP address of the printer, and add it to my printers list, if I would. Medium risk: I could access non-patched, non-secure IoT-devices, if I would High risk: I could access NAS and computers on the network, and plant malware into the machines. Many computers are running with Windows 7 - anno 2023! I totally agree that the approach is to educate the organization. But unless I show them what is possible, they won't listen. The average teacher tells The good teacher demonstrates The extraordinary teacher inspires I am beyond the "average teacher" phase, but inspiring is not what the target group is looking for at this moment. IT Security is really a very unknown thing. Yesterday, I got an e-mail from an organization. I had a bad feeling, half a year ago, about their IT-security, and told them. They said: "We are managing it". Then I got an email two weeks ago: "Somehow, personal sensitive information has been shared with a partner, without consent of the involved citizens". I asked again: "Do you need someone who can tell the personnel as well as the top management team, how hackers work, what can be done, how to recognize them and how to act if they strike?" The email I got yesterday stated: "No thank you. We are managing it". Until they get hacked for real. If you would, you could find some spicy stuff about the ongoing hack of the Danish realtor-chain EDC: They make mistake on mistake, and no-body is doing something. The personnel does not know anything! Danes thinks that IT-problems only exist under the hood, and that nobody is having any responsibility, except their own IT-companies. Ethical hackers do not exist in Denmark. Believe me, it's true! Try to find any jobs in IT-security in Denmark ... They're hard to find.

Thank you, Dark_pyrro. I am an ethical hacker, but I do not have the experience on every part of the branch, and surely not an experience of 20 years: 20 years ago, I was still a script kiddy who did not know anything about ethics and rules. Here in Denmark, most companies do not have the slightest idea of the term "documentation". You would not dream of how often I ask for an overview on the network outlets and people look at me as if they see water burning: Danish companies have no idea what is on their network. And that is why I often would like to show them, that unused network outlets, accessible for everyone, fully connected to their internal network, is a very bad idea. As it is now, I simply connect my Kali Linux or Parrot OS to the network, and show them how easily I can connect to the network. But then, many say: "We would see if someone connects his computer to the network" - which is correct. So I would like to be able, to connect a little network tapping to a unattended outlet, connect a power bank to the tapping device, and connect to the device using Wi-Fi, while sitting in the office of the CEO. That would open the eyes of any decision maker. Albert

Well, the title says it all 🙂 I've been asking ChatGPT, which suggested to build one myself using a Raspberry Pi - but I haven't got the courage yet to do so. Albert Denmark What The Hack ApS

Before I ask my question, I'd like to introduce myself. My name is Albert van Harten, I am the owner of the Danish company What The Hack ApS. I am an ethical hacker, newly CEHv12 trained, but not yet certified. One of my customers is a school, who has planned to ban the use of smart phones during school time. Of course, it is easy to detect smart phones as long as they use the school's Wi-fi. Another thing, though, is when a phone owner uses LTE or NR. Is there any method to detect whether there are devices that use either LTE or NR? Albert van Harten