Home page logo

pen-test logo Penetration Testing mailing list archives

Pen testing a off-site web server
From: Franklin DeMatto <franklin () qDefense com>
Date: Sun, 20 May 2001 17:41:45 -0600

Anyone know how to handle the legal/bueracratic aspects of pen-testing a web server which is not in-house, but property 
of a hosting company??

The hosting company may not take lightly to suggestions that it may be vulnerable, and may be afraid of damage caused 
by a test.  Worse, if the server is not dedicated, but rather uses virtual hosts, other clients could be affected by 
the testing.

Any real-world advice, forms, paperwork, or legal info. would be appreciated.

Franklin DeMatto
franklin () qDefense com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]