Actually while everyone is on this topic. Anyone have any thoughts on
how to approach firewall leak testing?
mOses shift 2 networksamurai period org
Tiago Batista wrote:
> On Mon, 11 Jun 2007 01:56:00 -0700 (PDT)
> Harold Castro <b0ydaem0n@yahoo.com> wrote:
>
>
>
>> If all else fails, do you tell the customer that it is
>> safe to ignore those warnings and vulnerabilities
>> because you, on a hacker's perspective, was not able
>> to penetrate the network by making use of those
>> vulnerabilities found, that the hacker might have a
>> hard time as well and eventually opt for another
>> target?
>>
>
> I am no security expert, but security by obscurity does not seem the way to
> go! The fact that you did not find any good documentation does not imply that
> some old hacker with a grudge against your client does not have the full docs
> in his basement!
>
>
> Tiago
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Are you using SPI, Watchfire or WhiteHat?
> Consider getting clear vision with Cenzic
> See HOW Now with our 20/20 program!
>
> http://www.cenzic.com/c/2020
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
|