Re: [fw-wiz] Off-Topic: Memo of Understanding for Using an Ethical Hacker

From: Devdas Bhagat (devdas_at_dvb.homelinux.org)
Date: 08/26/04

  • Next message: Matt Curtin: "Re: [fw-wiz] Off-Topic: Memo of Understanding for Using an Ethical Hacker"
    To: firewall-wizards@honor.icsalabs.com
    Date: Thu, 26 Aug 2004 15:56:38 +0530
    
    

    On 25/08/04 17:30 -0400, Bruce Platt wrote:
    > Without starting a huge flaming thread ...
    >
    > Have any of you used a "Memo of Understanding" or "Contract" (shudder) when
    > asked to do some "ethical hacking" for a company on their resources,
    > systems, and networks?
    >
    > I'd like to skip over the topic of Certification for Ethical Hackers and get
    > to the issue of what one might want to include in such a document to protect
    > both oneself and the company.
    >

    I assume that you mean penetration testing. The pen-test list at
    securityfocus.com is meant for that, and you would probably get the best
    advice there.
    I remember that this question was a semi-faq when I was subscribed to
    that list.

    Devdas Bhagat
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Matt Curtin: "Re: [fw-wiz] Off-Topic: Memo of Understanding for Using an Ethical Hacker"