Security Basics mailing list archives
RE: Quality and Comprehsive Services
From: Meidinger Chris <chris.meidinger () badenit de>
Date: Mon, 25 Aug 2003 11:16:24 +0100
Are you just planning to offer those services, or would you like to provide them as well? I would suggest learning how to do each one of those things, and after you do it, then adding it to your offerings.* Oh yes, and don't forget to offer extended driver development for /dev/null, you could even sell USB devices to connect to that important port. *no, seriously. Look, i've been doing this security stuff for a while, and i would be really queasy putting that much stuff on offer. Something like pen testing or forensics is not for the security novice. If you want to offer this stuff, figure out how to learn it first, and try it out. Try to break into you own computer or web application. Spend some time with each of the areas you listed, and when you feel comfortable doing it, then offer it professionally. You don't want to get into a breach of contract dispute when you are doing forensics for someone and end up contaminating the evidence, or not maintaining chain-of-custody records and getting the evidence rejected by a judge. Practice makes perfect. Chris Meidinger badenIT GmbH System Support Tel. +49 761 279 2280 Fax. +49 761 279 2200 Tullastrasse 70 79108 Freiburg Deutschland -----Original Message----- From: Brian Rogalski [mailto:brianr () totalcomsolutions com] Sent: Friday, August 22, 2003 5:28 PM To: Security Focus Subject: Quality and Comprehsive Services Members, My name is Brian and I am some what a newbie in the security field. I am working for a small start-up company and want to offer network security solutions. I thought the best course of action would be to ask the experts (you guys). I started thinking of a list of services to offer customers. If any of you have a few minutes I thought you could help me with the list. Some of what I came up with: Network Deployment Analysis (making sure the network is set up properly) System Auditing Penetration Testing Venerability Assessment Web Penetration Testing Forensics I know I am probably missing somethings Thanks in advance Brian --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world's premier technical IT security event. Modeled after the famous Black Hat event in Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors. Symantec is the Diamond sponsor. Early-bird registration ends September 6.Visit us: www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- RE: Quality and Comprehsive Services Meidinger Chris (Aug 25)