Re: The legal / illegal line?

To:	Barry Fawthrop <barry@ttienterprises.org>
Subject:	Re: The legal / illegal line?
From:	Chris Travers <chris@metatrontech.com>
Date:	Mon, 05 Mar 2007 10:56:47 -0800
Cc:	pen-test@securityfocus.com
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	pentest-list2@consult.net
Delivered-to:	mailing list pen-test@securityfocus.com
Delivered-to:	moderator for pen-test@securityfocus.com
In-reply-to:	<45EC1B12.108@ttienterprises.org>
List-help:	<mailto:pen-test-help@securityfocus.com>
List-id:	<pen-test.list-id.securityfocus.com>
List-post:	<mailto:pen-test@securityfocus.com>
List-subscribe:	<mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list:	contact pen-test-help@securityfocus.com; run by ezmlm
References:	<45E781F7.5060609@ttienterprises.org> <45EC1B12.108@ttienterprises.org>
Resent-date:	Mon, 5 Mar 2007 11:37:16 -0700 (MST)
Resent-from:	pen-test-return-1078483706@securityfocus.com
Resent-message-id:	<20070305183716.AE86A145794@outgoing2.securityfocus.com>
Resent-sender:	listbounce@securityfocus.com
Sender:	listbounce@securityfocus.com
User-agent:	Thunderbird 1.5.0.9 (X11/20070102)

Barry Fawthrop wrote:

Thanks All

I agree totally, that it is a line that should be kept away from
But then how do you "prove" to someone that their system isn't as secure
as they "feel"/assume it is?

Tell them what you an do and ask their permission to proceed. Oftenpeople who are overly confident in the security of their systems arejust as interested in proving you wrong. Once they give you permission,as long as you stay within the scope agreed upon, I would think it wouldbe hard to call it trespassing. I generally try to get such permissionin written form (at least email).


IANAL though.

Best Wishes,
Chris Travers

chris.vcf
Description: Vcard

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Re: The legal / illegal line?, (continued) Re: The legal / illegal line?, Varun Nair Re: The legal / illegal line?, admin Re: The legal / illegal line?, Security Guy RE: The legal / illegal line?, Craig Wright Re: The legal / illegal line?, Barry Fawthrop RE: The legal / illegal line?, McCarty, Eric C. Re: The legal / illegal line?, Tim Shea RE: The legal / illegal line?, Craig Wright Re: The legal / illegal line?, Dotzero Re: The legal / illegal line?, Martin Zimmermann Re: The legal / illegal line?, Chris Travers <= Re: The legal / illegal line?, Security Guy Re: The legal / illegal line?, David Swafford Re: The legal / illegal line?, Paul Robertson RE: The legal / illegal line?, Craig Wright Re: The legal / illegal line?, Chris Travers Re: The legal / illegal line?, Justin Ross RE: The legal / illegal line?, Craig Wright RE: The legal / illegal line?, Craig Wright Re: The legal / illegal line?, Chris Travers RE: The legal / illegal line?, Craig Wright

Previous by Date:	RE: The legal / illegal line?, Craig Wright
Next by Date:	RE: Proof of concept - Segregation of developers, Dunn, Kevin
Previous by Thread:	Re: The legal / illegal line?, Martin Zimmermann
Next by Thread:	Re: The legal / illegal line?, Security Guy
Indexes:	[Date] [Thread] [Top] [All Lists]