Full Disclosure mailing list archives

Re: iiscan

From: Cody Robertson <cody () hawkhost com>
Date: Thu, 07 Jan 2010 10:51:14 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 1/7/10 10:18 AM, auto454357 () hushmail com wrote:

So let me see if I got this the right way. 

You guys are allowing an unknown company to scan for your webapps, 
being those apps business critical or not. On top of that, the 
unknown company is based on a country where government supports 
acts of electronic espionage against other nations, mainly those 
where you guys are based.

Is this correct? or am I missing something?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Call me cynical but unless you're trying to scan something that's
supposed to be private it's wide open anyway - who cares if you send
them a URL? They're fully capable of scraping URL's - having someone
simply submit it isn't really going to benefit them much.

You forgot the tin foil hat.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAktGAvEACgkQAr2PPaFwRuqJ5QCfTtsJRPVHSKNalzpUhWx6jMa0
pfkAoIam1UAIaQdfOBgC2krstU71icVm
=r8G7
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

iiscan auto454357 (Jan 07)
- Re: iiscan Cody Robertson (Jan 07)
  - Re: iiscan Robin Sage (Jan 07)
    - Re: iiscan Jeffrey Walton (Jan 07)
    - Re: iiscan Benji (Jan 07)
    - Re: iiscan Michael Holstein (Jan 07)
    - Re: iiscan mrx (Jan 07)
    - Web Issue phpinfo.php Pablo Roberto (Jan 07)
- <Possible follow-ups>
- Re: iiScan Adrian (Jan 08)