Penetration Testing mailing list archives
Re: Corporate Intranet
From: Steve Pinkham <steve.pinkham () gmail com>
Date: Thu, 7 May 2009 15:32:39 -0400
On Monday 04 May 2009 11:15:21 am Adriel T. Desautels wrote:
It just shows how much skill really exists in our industry... so... yes. :)
In fact, the major point of the whole field of pen testing is the qualification of risk, and in general the "white hat" security researchers exist to expose the true level of risk we face. That of course leads into the whole disclosure debate, which is like the song that never ends. I'm on the "responsible disclosure" side, and think everyone who wants to be able to learn about the risks should be able to do so, as in the long run that makes us all more secure. On a related note, vi is the One True Editor... :-)
On Apr 30, 2009, at 1:45 PM, Jeremy Brown wrote:In all honestly, and it may be slightly off topic, but aren't most of the questions posed to this list counter intuitive, or even risky to at least reputable penetration testing outfits? On Thu, Apr 30, 2009 at 11:13 AM, Adriel T. Desautels <ad_lists () netragard com> wrote:Paul, We do that same thing on a daily basis for various customers. Why are you asking? Are you a pen-tester? On Apr 27, 2009, at 2:44 PM, iadcc wrote:Has anybody done a penetration test, in trying to access a companies corporate intranet, from outside the Network? If so can you give me some pointers how you attempted to do so?
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Corporate Intranet RaptorX (May 04)
- <Possible follow-ups>
- Re: Corporate Intranet Adriel T. Desautels (May 07)
- Re: Corporate Intranet Steve Pinkham (May 07)
- [Tools update] The Security-Database Watch Newsletter -- v20090511 SD List (May 14)