Full Disclosure mailing list archives
Re: Fwd: Rate Stratfor's Incident Response
From: Valdis.Kletnieks () vt edu
Date: Mon, 09 Jan 2012 14:54:55 -0500
On Mon, 09 Jan 2012 20:00:11 +0100, "J. von Balzac" said:
Valdis you make me curious - how do you know that most are kids, and script kiddies?
Note that it wasn't me who suggested hiring script kiddies to do pen tests. I was pointing out why it wouldn't work.
Isn't it more likely that the people who massively pwned Stratfor are indeed mature and serious?
If they're mature, serious, and pwning machines like that, they're heavy duty black hats (pretty much by definition). What are the chances they'll want to take a consulting gig doing a pen test (which would require they come out of hiding?) Yes, there's a few people working both sides of the fence. *VERY* few, and certainly not enough to make it feasible in general to hire one to do your pentests. And again, there's that whole "Do you really want to hire a known black hat" issue to work around.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Fwd: Rate Stratfor's Incident Response, (continued)
- Re: Fwd: Rate Stratfor's Incident Response Ferenc Kovacs (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Valdis . Kletnieks (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Bob Dobbs (Jan 09)
- Re: Fwd: Rate Stratfor's Incident Response Paul Schmehl (Jan 09)
- Re: Fwd: Rate Stratfor's Incident Response Valdis . Kletnieks (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response gold flake (Jan 09)
- Message not available
- Message not available
- Re: Fwd: Rate Stratfor's Incident Response Ian Hayes (Jan 08)
- Re: Fwd: Rate Stratfor's Incident Response Valdis . Kletnieks (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Dave (Jan 08)
- Re: Fwd: Rate Stratfor's Incident Response J. von Balzac (Jan 09)
- Re: Fwd: Rate Stratfor's Incident Response Valdis . Kletnieks (Jan 09)
- Re: Fwd: Rate Stratfor's Incident Response Ferenc Kovacs (Jan 10)
- Re: Fwd: Rate Stratfor's Incident Response Jeffrey Walton (Jan 10)
- Re: Fwd: Rate Stratfor's Incident Response Byron Sonne (Jan 10)
- Re: Fwd: Rate Stratfor's Incident Response Laurelai (Jan 10)
- Message not available
- Re: Fwd: Rate Stratfor's Incident Response Laurelai (Jan 10)
- Re: Fwd: Rate Stratfor's Incident Response Kyle Creyts (Jan 11)
- Re: Fwd: Rate Stratfor's Incident Response Laurelai (Jan 10)
- Re: Fwd: Rate Stratfor's Incident Response James Smith (Jan 10)
- Re: Fwd: Rate Stratfor's Incident Response Valdis . Kletnieks (Jan 10)
- Re: Fwd: Rate Stratfor's Incident Response Laurelai (Jan 10)