Penetration Testing mailing list archives
Pen testing a off-site web server
From: Franklin DeMatto <franklin () qDefense com>
Date: Sun, 20 May 2001 17:41:45 -0600
Anyone know how to handle the legal/bueracratic aspects of pen-testing a web server which is not in-house, but property of a hosting company?? The hosting company may not take lightly to suggestions that it may be vulnerable, and may be afraid of damage caused by a test. Worse, if the server is not dedicated, but rather uses virtual hosts, other clients could be affected by the testing. Any real-world advice, forms, paperwork, or legal info. would be appreciated. Franklin DeMatto franklin () qDefense com qDefense - DEFENDING THE ELECTRONIC FRONTIER
Current thread:
- Pen testing a off-site web server Franklin DeMatto (May 22)
- Re: Pen testing a off-site web server Meritt James (May 22)
- Re: Pen testing a off-site web server batz (May 22)
- RE: Pen testing a off-site web server Jim Huddleston (May 23)
- RE: Pen testing a off-site web server Mike Forrester (May 31)
- RE: Pen testing a off-site web server Jim Huddleston (May 23)
- <Possible follow-ups>
- RE: Pen testing a off-site web server Graham, Randy (RAW) (May 22)