Penetration Testing mailing list archives

RE: Pre-Scanning for Marketing

From: "Stonewall" <stonewall () cavtel net>
Date: Wed, 11 Jan 2006 10:12:51 -0500

I agree.  The local school district and the local police share the same
employer.  Expect the messenger to be shot, several times, in the chest.
Also, local governments are very sensitive to the public, and most likely
will react vigorously to anyone's suggesting that they are idiots.

And don't expect the local newspaper to be interested in submitted articles
about network security generally (as a way of raising awareness and
marketing yourself).  Mine isn't.  Tech toy sellers are big advertisers and
wouldn't like anyone saying their products require more than plug-and-play.


-----Original Message-----
From: Ed Hudson [mailto:ehudson () safenet-inc com] 
Sent: Tuesday, January 10, 2006 6:04 PM
To: Password Crackers, Inc.; pen-test () securityfocus com
Subject: RE: Pre-Scanning for Marketing

There are legal implications involved in scanning someone's network without
their permission.  This is a bad idea all the way around and could almost be
interpreted as blackmail by the "prospect".  All in all, it's not a great
way to drum up business.

-----Original Message-----
From: Password Crackers, Inc. [mailto:pwcrack () pwcrack com] 
Sent: Tuesday, January 10, 2006 10:11 AM
To: pen-test () securityfocus com
Subject: Pre-Scanning for Marketing

I am interested if anyone on the list has ever tested or implemented a
marketing program that involved pre-scanning (wired or wireless) a prospect
and then sending a letter or email describing potential vulnerabilities and
offering assistance in closing these vulnerabilities.  I have never done
this because of the anticipated negative reaction, but I am curious as to
what the outcome was if anyone else has done it.  Single instances would be
interesting, but I am more curious if anyone has implemented this in a more
broad-based way and has positive and/or negative response rate statistics.

Bob Weiss
Password Crackers, Inc.


----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are

futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers
do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---

The information contained in this electronic mail transmission may be
privileged and confidential, and therefore, protected from disclosure. If
you have received this communication in error, please notify us immediately
by replying to this message and deleting it from your computer without
copying or disclosing it.

----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are

futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers
do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

RE: Pre-Scanning for Marketing, (continued)
- RE: Pre-Scanning for Marketing Chris Serafin (Jan 10)
  - RE: Pre-Scanning for Marketing Ebeling, Jr., Herman Frederick (Jan 11)
- Re: Pre-Scanning for Marketing Steve Friedl (Jan 11)
- Re: Pre-Scanning for Marketing alan (Jan 11)
- RE: Pre-Scanning for Marketing Nathan Einwechter (Jan 13)
  - Re: Pre-Scanning for Marketing Kurt Seifried (Jan 15)
    - RE: Pre-Scanning for Marketing Ken Kousky (Jan 17)
- Re: Pre-Scanning for Marketing Kevin Johnson (Jan 14)
- RE: Pre-Scanning for Marketing Shenk, Jerry A (Jan 10)
- RE: Pre-Scanning for Marketing Ed Hudson (Jan 10)
  - RE: Pre-Scanning for Marketing Stonewall (Jan 11)
- RE: Pre-Scanning for Marketing Password Crackers, Inc. (Jan 10)
  - RE: Pre-Scanning for Marketing Wray, Donald W (Jan 11)
- RE: Pre-Scanning for Marketing David Ball (Jan 11)
  - Re: Pre-Scanning for Marketing Robin Wood (Jan 11)
- RE: Pre-Scanning for Marketing Rapaille Maxime (Jan 11)
  - Re: Pre-Scanning for Marketing Pete Herzog (Jan 11)
- RE: Pre-Scanning for Marketing Ron Yount (Jan 11)
- RE: Pre-Scanning for Marketing Maxim Kostioukov (Jan 12)
- RE: Pre-Scanning for Marketing Rapaille Maxime (Jan 12)
- RE: Pre-Scanning for Marketing Bergert, David (Jan 13)