Penetration Testing mailing list archives

RE: Pre-Scanning for Marketing

From: "Chris Serafin" <chris () chrisserafin com>
Date: Tue, 10 Jan 2006 19:25:17 -0600

I found a huge school district with NO wireless encryption and tried to have
my employer do this.  They have over 50 routers connecting the school's and
this HAS to be a non-compliance issue with student records. Since then, my
employer has done nothing to contact the school.

Chris Serafin
IT Security / Voice Engineer
chris () chrisserafin com





-----Original Message-----
From: Password Crackers, Inc. [mailto:pwcrack () pwcrack com] 
Sent: Tuesday, January 10, 2006 9:11 AM
To: pen-test () securityfocus com
Subject: Pre-Scanning for Marketing

I am interested if anyone on the list has ever tested or implemented a
marketing program that involved pre-scanning (wired or wireless) a prospect
and then sending a letter or email describing potential vulnerabilities and
offering assistance in closing these vulnerabilities.  I have never done
this because of the anticipated negative reaction, but I am curious as to
what the outcome was if anyone else has done it.  Single instances would be
interesting, but I am more curious if anyone has implemented this in a more
broad-based way and has positive and/or negative response rate statistics.

Bob Weiss
Password Crackers, Inc.


----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are

futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers
do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---





------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Pre-Scanning for Marketing Password Crackers, Inc. (Jan 10)
- RE: Pre-Scanning for Marketing Chris Serafin (Jan 10)
  - RE: Pre-Scanning for Marketing Ebeling, Jr., Herman Frederick (Jan 11)
- Re: Pre-Scanning for Marketing Steve Friedl (Jan 11)
- Re: Pre-Scanning for Marketing alan (Jan 11)
- RE: Pre-Scanning for Marketing Nathan Einwechter (Jan 13)
  - Re: Pre-Scanning for Marketing Kurt Seifried (Jan 15)
    - RE: Pre-Scanning for Marketing Ken Kousky (Jan 17)
- Re: Pre-Scanning for Marketing Kevin Johnson (Jan 14)
- <Possible follow-ups>
- RE: Pre-Scanning for Marketing Shenk, Jerry A (Jan 10)
- RE: Pre-Scanning for Marketing Ed Hudson (Jan 10)
  - RE: Pre-Scanning for Marketing Stonewall (Jan 11)

(Thread continues...)