Penetration Testing mailing list archives

Re: [PEN-TEST] Ethics Scenario

From: Darryl Rathbun <darryl.rathbun () PB COM>
Date: Mon, 2 Oct 2000 17:13:39 -0400

I think actively trying to expand your client base by pen-testing non-clients
goes past "chasing ambulances" into the realm of asking them for "protection
money".  There may also be legal issues involved since your penetration testing
can be construed as "breaking and entering."

If it was truly found by accident (i.e. not an active pen-test) and you did NOT
work for a pen-test organization, I would report it to the webmaster
immediately.  As someone with a motive, I may not even let them know for fear
that I may get a lawsuit!

Current thread:

[PEN-TEST] Ethics Scenario Christopher M. Bergeron (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Edward Mitchell (Oct 02)
- Re: [PEN-TEST] Ethics Scenario SM (Oct 02)
  - Re: [PEN-TEST] Ethics Scenario Erik Tayler (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Erik Tayler (Oct 02)
- <Possible follow-ups>
- Re: [PEN-TEST] Ethics Scenario Dunker, Noah (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Steve (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Tonick, Mike (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Gallicchio, Florindo (2282) (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Darryl Rathbun (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Spy Fox (Oct 02)