Re: Corporate Intranet

[Steve Pinkham <steve.pinkham () gmail com>]

On Monday 04 May 2009 11:15:21 am Adriel T. Desautels wrote:
> It just shows how much skill really exists in our industry...
>
>
> so... yes. :)

In fact, the major point of the whole field of pen testing is the qualification 
of risk, and in general the "white hat" security researchers exist to expose 
the true level of risk we face.  That of course leads into the whole 
disclosure debate, which is like the song that never ends.
I'm on the "responsible disclosure" side, and think everyone who wants to be 
able to learn about the risks should be able to do so, as in the long run that 
makes us all more secure.
On a related note, vi is the One True Editor...  :-)

> On Apr 30, 2009, at 1:45 PM, Jeremy Brown wrote:
> > In all honestly, and it may be slightly off topic, but aren't most of
> > the questions posed to this list counter intuitive, or even risky to
> > at least reputable penetration testing outfits?
> >
> > On Thu, Apr 30, 2009 at 11:13 AM, Adriel T. Desautels
> >
> > <ad_lists () netragard com> wrote:
> > > Paul,
> > >        We do that same thing on a daily basis for various
> > > customers.  Why
> > > are you asking? Are you a pen-tester?
> > >
> > > On Apr 27, 2009, at 2:44 PM, iadcc wrote:
> > > > Has anybody done a penetration test, in trying to access a companies
> > > > corporate intranet, from outside the Network? If so can you give
> > > > me some
> > > > pointers how you attempted to do so?

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------