Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: The legal / illegal line?

From: "Security Guy" <security () sligoinc com>
Date: Mon, 5 Mar 2007 13:38:51 -0500
Produce a report for the company explaining how you could take control
of or pull information from their systems using the results of your
legal scan.

Any IT manager/leader/security bod should take your report seriously


...and could call the FBI/MI5/Statsi or whatever your local
constabulary is called and have you arrested under various computer
mis-use legislation. It's certainly best to obtain permission first
before doing anything whatsoever. Any legitimate pen-tester will get a
signed contract before as much as a ping scan.

I don't like the 'locked/unlocked doors' analogy. I prefer a window:
peering in someone's windows _will_ get you arrested if you linger
long enough (no, pun not intended)

-Karl

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: