Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: iiscan
From: Jeffrey Walton <noloader () gmail com>
Date: Thu, 7 Jan 2010 11:52:09 -0500

Hi Robin,

Suppose that acquiring the code requires you to agree to unfavorable
terms of service hidden somewhere on the site, including agreeing to
future (and possibly unwanted) scans, agreeing to allow the company to
plant malware, and indemnification.

IMHO, I think auto454357 raised some valid concerns. As for the auto
generated email, he/she used hushmail (instead of
yahoo/hotmail/gmail), which tells me the person might not fit your


On Thu, Jan 7, 2010 at 11:16 AM, Robin Sage <robin.sage () rocketmail com> wrote:
This definitely sounds like a clueless federal agent.
Especially since he uses an autogenerated email address.
Get with the program........the internet is wide open for people to scan.

From: Cody Robertson <cody () hawkhost com>
To: full-disclosure () lists grok org uk
Sent: Thu, January 7, 2010 10:51:14 AM
Subject: Re: [Full-disclosure] iiscan

Hash: SHA1

On 1/7/10 10:18 AM, auto454357 () hushmail com wrote:
So let me see if I got this the right way.

You guys are allowing an unknown company to scan for your webapps,
being those apps business critical or not. On top of that, the
unknown company is based on a country where government supports
acts of electronic espionage against other nations, mainly those
where you guys are based.

Is this correct? or am I missing something?


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]