Re: The legal / illegal line?

pen-test

[Top] [All Lists]

<prev [Date] next>

<prev [Thread] next>

Re: The legal / illegal line?

from [Security Guy]

[Permanent Link][Original]

To:	admin@propergander.org.uk
Subject:	Re: The legal / illegal line?
From:	"Security Guy" <security@sligoinc.com>
Date:	Mon, 5 Mar 2007 13:38:51 -0500
Cc:	"Barry Fawthrop" <barry@ttienterprises.org>, pen-test@securityfocus.com
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
In-reply-to:	<45EBF974.1090400@propergander.org.uk>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
References:	<45E781F7.5060609@ttienterprises.org> <45EBF974.1090400@propergander.org.uk>
Resent-date:	Mon, 5 Mar 2007 10:43:15 -0700 (MST)
Resent-from:	pen-test-return-1078483701@securityfocus.com
Resent-message-id:	<20070305174315.713082372A4@outgoing3.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com

Produce a report for the company explaining how you could take control
of or pull information from their systems using the results of your
legal scan.

Any IT manager/leader/security bod should take your report seriously


...and could call the FBI/MI5/Statsi or whatever your local
constabulary is called and have you arrested under various computer
mis-use legislation. It's certainly best to obtain permission first
before doing anything whatsoever. Any legitimate pen-tester will get a
signed contract before as much as a ping scan.

I don't like the 'locked/unlocked doors' analogy. I prefer a window:
peering in someone's windows _will_ get you arrested if you linger
long enough (no, pun not intended)

-Karl

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
The legal / illegal line?, Barry Fawthrop Re: The legal / illegal line?, Philosophil Re: The legal / illegal line?, Varun Nair Re: The legal / illegal line?, admin Re: The legal / illegal line?, Security Guy <= RE: The legal / illegal line?, Craig Wright Re: The legal / illegal line?, Barry Fawthrop RE: The legal / illegal line?, McCarty, Eric C. Re: The legal / illegal line?, Tim Shea RE: The legal / illegal line?, Craig Wright Re: The legal / illegal line?, Dotzero Re: The legal / illegal line?, Martin Zimmermann Re: The legal / illegal line?, Chris Travers Re: The legal / illegal line?, Security Guy Re: The legal / illegal line?, David Swafford

Previous by Date:	Re: Windows XP salted hashed verification of domain passwords, Security Guy
Next by Date:	RE: The legal / illegal line?, McCarty, Eric C.
Previous by Thread:	Re: The legal / illegal line?, admin
Next by Thread:	RE: The legal / illegal line?, Craig Wright
Indexes:	[Date] [Thread] [Top] [All Lists]