Penetration Testing mailing list archives
re: Odd situation, advice needed on penentration test results
From: Desmond Irvine <desmond.irvine () sheridanc on ca>
Date: Thu, 27 Mar 2003 09:09:43 -0500 (EST)
I think the reason for the original post is that, because the customer is a Fortune 500 company, they may choose to keep knowledge of the intrusion in house to avoid embarrassment. What should the pen-testers do in this case? Due to what has been seen it sounds like a fairly sophisticated intrusion that needs to be analyzed and reported so that the security community will know about it. Most certainly the companies whose software is involved should know about it. However, the pen-tester is under contract with the customer and most likely there are clauses on confidentiality that preclude the tester independently choosing what actions should be taken or how far the information about the breach can be disseminated. In the end it's the customer's decision, isn't it?

On Wed, 26 Mar 2003, Harlan Carvey wrote:

> From what I understand of your situation, during the course of a pen-test, you ran across a potential intruder, potentially in the process of committing a crime. If this is the situation, I have to wonder why you're bothering to ask the list what to do. One would think that if your customer is potentially losing something very important and valuable, that you'd immediately switch from pen-test mode to forensics mode...or at the very least inform the customer. I guess I just don't understand why there's any indecision at all...
