mailing list archives
Pen testing a off-site web server
From: Franklin DeMatto <franklin () qDefense com>
Date: Sun, 20 May 2001 17:41:45 -0600
Anyone know how to handle the legal/bueracratic aspects of pen-testing a web server which is not in-house, but property
of a hosting company??
The hosting company may not take lightly to suggestions that it may be vulnerable, and may be afraid of damage caused
by a test. Worse, if the server is not dedicated, but rather uses virtual hosts, other clients could be affected by
Any real-world advice, forms, paperwork, or legal info. would be appreciated.
franklin () qDefense com
qDefense - DEFENDING THE ELECTRONIC FRONTIER
- Pen testing a off-site web server Franklin DeMatto (May 22)