nanog mailing list archives

Re: Internet access for security consultants - pen tests, attack traffic, bulk e-mail, etc.

From: Tim Pozar <pozar () lns com>
Date: Mon, 11 Sep 2017 15:58:10 -0700

Ping the DNC? :-)

https://www.wired.com/story/the-dncs-technology-chief-is-phishing-his-staff-good/

Tim

On 9/11/17 3:40 PM, Sean Pedersen wrote:

We were recently approached by a company that does security consulting. Some
of the functions they perform include discovery scans, penetration testing,
bulk e-mail generation (phishing, malware, etc.), hosting fake botnets -
basically, they'd be generating a lot of bad network traffic. Targeted at
specific clients/customers, but still bad. As an ISP, this is new territory
for us and there are some concerns about potential impact, abuse reports,
reputation, authorization to perform such tests, etc. 

 

Does anyone have experience in this area that would be willing to offer
advice?

Current thread:

Internet access for security consultants - pen tests, attack traffic, bulk e-mail, etc. Sean Pedersen (Sep 11)
- Re: Internet access for security consultants - pen tests, attack traffic, bulk e-mail, etc. Tim Pozar (Sep 11)
- Re: Internet access for security consultants - pen tests, attack traffic, bulk e-mail, etc. james machado (Sep 11)
  - Re: Internet access for security consultants - pen tests, attack traffic, bulk e-mail, etc. Andrew Kerr (Sep 14)
    - RE: Internet access for security consultants - pen tests, attack traffic, bulk e-mail, etc. Sean Pedersen (Sep 12)