Penetration Testing: Re: [PEN-TEST] Ethics Scenario

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Re: [PEN-TEST] Ethics Scenario

From: Darryl Rathbun <darryl.rathbun () PB COM>
Date: Mon, 2 Oct 2000 17:13:39 -0400

I think actively trying to expand your client base by pen-testing non-clients
goes past "chasing ambulances" into the realm of asking them for "protection
money".  There may also be legal issues involved since your penetration testing
can be construed as "breaking and entering."

If it was truly found by accident (i.e. not an active pen-test) and you did NOT
work for a pen-test organization, I would report it to the webmaster
immediately.  As someone with a motive, I may not even let them know for fear
that I may get a lawsuit!

By Date By Thread

Current thread:

Re: [PEN-TEST] Ethics Scenario, (continued)
- Re: [PEN-TEST] Ethics Scenario Erik Tayler (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Dunker, Noah (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Steve (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Tonick, Mike (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Gallicchio, Florindo (2282) (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Darryl Rathbun (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Spy Fox (Oct 02)