Penetration Testing mailing list archives

Re: Pre-Scanning for Marketing

From: "Kurt Seifried" <bt () seifried org>
Date: Fri, 13 Jan 2006 23:57:28 -0700

I am interested if anyone on the list has ever tested or implemented a
marketing program that involved pre-scanning (wired or wireless) a
prospect
and then sending a letter or email describing potential vulnerabilities
and
offering assistance in closing these vulnerabilities.  I have never done
this because of the anticipated negative reaction, but I am curious as
to
what the outcome was if anyone else has done it.  Single instances would
be
interesting, but I am more curious if anyone has implemented this in a
more
broad-based way and has positive and/or negative response rate
statistics.

Bob Weiss
Password Crackers, Inc.

I believe there is a term for this form of "marketing".. what's the term...Oh yes:


"Protection racket"

A protection racket is an extortion scheme whereby a powerful organizationcoerces individuals or businesses to pay "protection money" which allegedlyserves to purchase the powerful organization's protection services againstvarious external threats, whereas the actual threat comes from the powerfulorganization itself. Those who do not buy into the protection plan aretargeted by the powerful organization and are harassed to try to forcepayment of the protection money.

Honestly if someone sent me such a letter my first reaction would be to callcorporate counsel which would probably be followed by a call to lawenforcement.

-Kurt


------------------------------------------------------------------------------

Audit your website security with Acunetix Web Vulnerability Scanner:Hackers are concentrating their efforts on attacking applications on yourwebsite. Up to 75% of cyber attacks are launched on shopping carts, forms,login pages, dynamic content etc. Firewalls, SSL and locked-down servers arefutile against web application hacking. Check your website for vulnerabilitiesto SQL injection, Cross site scripting and other web attacks before hackers do!Download Trial at:


http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Pre-Scanning for Marketing Password Crackers, Inc. (Jan 10)
- RE: Pre-Scanning for Marketing Chris Serafin (Jan 10)
  - RE: Pre-Scanning for Marketing Ebeling, Jr., Herman Frederick (Jan 11)
- Re: Pre-Scanning for Marketing Steve Friedl (Jan 11)
- Re: Pre-Scanning for Marketing alan (Jan 11)
- RE: Pre-Scanning for Marketing Nathan Einwechter (Jan 13)
  - Re: Pre-Scanning for Marketing Kurt Seifried (Jan 15)
    - RE: Pre-Scanning for Marketing Ken Kousky (Jan 17)
- Re: Pre-Scanning for Marketing Kevin Johnson (Jan 14)
- <Possible follow-ups>
- RE: Pre-Scanning for Marketing Shenk, Jerry A (Jan 10)
- RE: Pre-Scanning for Marketing Ed Hudson (Jan 10)
  - RE: Pre-Scanning for Marketing Stonewall (Jan 11)
- RE: Pre-Scanning for Marketing Password Crackers, Inc. (Jan 10)
  - RE: Pre-Scanning for Marketing Wray, Donald W (Jan 11)
- RE: Pre-Scanning for Marketing David Ball (Jan 11)
  - Re: Pre-Scanning for Marketing Robin Wood (Jan 11)
- RE: Pre-Scanning for Marketing Rapaille Maxime (Jan 11)

(Thread continues...)