Penetration Testing mailing list archives
Re: Volunteer pen testing
From: Richard Rager <kb8rln () penguinmaster com>
Date: Tue, 14 Dec 2004 23:03:45 -0600 (CST)
On Tue, 14 Dec 2004, Matt Bellizzi wrote:
Just wanted to bounce an idea off on this list. Lately I've been thinking of doing some charity work. However I generally avoid physical labor. The idea has entered my brain to provide pen testing/security audit services to non profits. I am by no means a pet test expert. Although I do have solid networking/security skills (I'm a QA engineer for IPSec VPNs and firewalls). Obviously for a non profit to be eligible they would either need a constant-on connection or a co-located host. Just thought it would be a fun way to learn more about pen testing, help the community and helping organizations that are generally straped for cash.
I really hate to say this. Get a lawyer. This is the reasons. You need to define what you will test. What types of test will you do. What Systems you will test. IE Routers, Web Servers, Mail server IDS? What will hapen if you do any harm? I have done pen testing and was trying to get there IDS mad at me. The web server die. Who do you call? Get out of jail free card is good to have here. Limit your liablities. What will you do with the information that you collect? Who will you give it too? How long with you keep the information? Stay away with anything close to GLB or HIPPA It really a can of worms. Just let me say. It nice idea, please remember no good deed goes unpunished. Enjoy, Richard Rager penguinman.com
Current thread:
- Volunteer pen testing Matt Bellizzi (Dec 15)
- Re: Volunteer pen testing L. Walker (Dec 15)
- Re: Volunteer pen testing Matt Bellizzi (Dec 15)
- Re: Volunteer pen testing Travis Good (Dec 16)
- Re: Volunteer pen testing Matt Bellizzi (Dec 15)
- RE: Volunteer pen testing Chuck Fullerton (Dec 15)
- Re: Volunteer pen testing Richard Rager (Dec 15)
- <Possible follow-ups>
- RE: Volunteer pen testing Lachniet, Mark (Dec 15)
- Re: Volunteer pen testing L. Walker (Dec 15)