Penetration Testing: Pen testing a off-site web server

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Penetration Testing mailing list archives

Pen testing a off-site web server

From: Franklin DeMatto <franklin () qDefense com>
Date: Sun, 20 May 2001 17:41:45 -0600

Anyone know how to handle the legal/bueracratic aspects of pen-testing a web server which is not in-house, but property 
of a hosting company??

The hosting company may not take lightly to suggestions that it may be vulnerable, and may be afraid of damage caused 
by a test.  Worse, if the server is not dedicated, but rather uses virtual hosts, other clients could be affected by 
the testing.

Any real-world advice, forms, paperwork, or legal info. would be appreciated.

Franklin DeMatto
franklin () qDefense com
qDefense - DEFENDING THE ELECTRONIC FRONTIER

By Date By Thread

Current thread:

Pen testing a off-site web server Franklin DeMatto (May 22)
- Re: Pen testing a off-site web server Meritt James (May 22)
- Re: Pen testing a off-site web server batz (May 22)
  - RE: Pen testing a off-site web server Jim Huddleston (May 23)
    - RE: Pen testing a off-site web server Mike Forrester (May 31)
- <Possible follow-ups>
- RE: Pen testing a off-site web server Graham, Randy (RAW) (May 22)