Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: The legal / illegal line?

From: Chris Travers <chris () metatrontech com>
Date: Mon, 05 Mar 2007 10:56:47 -0800
Barry Fawthrop wrote:

Thanks All

I agree totally, that it is a line that should be kept away from
But then how do you "prove" to someone that their system isn't as secure
as they "feel"/assume it is?
Tell them what you an do and ask their permission to proceed. Often people who are overly confident in the security of their systems are just as interested in proving you wrong. Once they give you permission, as long as you stay within the scope agreed upon, I would think it would be hard to call it trespassing. I generally try to get such permission in written form (at least email). 

IANAL though.

Best Wishes,
Chris Travers

Attachment: chris.vcf
Description: 

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: