Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Crash in system scanned
From: "Kelly Keeton" <kellyrkeeton () gmail com>
Date: Tue, 8 Jan 2008 09:12:59 -0800

sounds to me like you need to read the contract with your consulting
firm. All of this is laid out in a statement of work or some sort of
contract. If you dont have all this in paperwork before the auditor is
dooin work then you need to find a new auditor.

Also if you feel the need to ask the group here, and not stop to talk
to the auditor then thats just crazy.

Your question is 100% something that people cant help you out with.
You need to read what you signed with the company, and if you didnt
sign anything, well then let me come over to hack your network because
its just as crazy as letting a auditor in to your network with out
having all this figured out before hand.

On 7 Jan 2008 15:48:06 -0000,  <ahgaber_rehan () yahoo com> wrote:
I need to know if internal auditor is scanning a system over the LAN during audit assignment, who should take the 
responsibility if the scanned system went down/ crashed due to this scan. I am quite sure scanning has to be 
prearranged with IT and IT Security and approved on the targeted systems, and it's important for IT auditor to 
perform such scanning to avoid any scope limitations during the audit.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]