Home page logo

pen-test logo Penetration Testing mailing list archives

Re: The legal / illegal line?
From: "Security Guy" <security () sligoinc com>
Date: Mon, 5 Mar 2007 13:38:51 -0500

Produce a report for the company explaining how you could take control
of or pull information from their systems using the results of your
legal scan.

Any IT manager/leader/security bod should take your report seriously

...and could call the FBI/MI5/Statsi or whatever your local
constabulary is called and have you arrested under various computer
mis-use legislation. It's certainly best to obtain permission first
before doing anything whatsoever. Any legitimate pen-tester will get a
signed contract before as much as a ping scan.

I don't like the 'locked/unlocked doors' analogy. I prefer a window:
peering in someone's windows _will_ get you arrested if you linger
long enough (no, pun not intended)


This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]