Limited vs full blown testing
From: Toby Barrick (TBLinux_at_covad.net)
Date: 06/23/04
- Previous message: Mister Coffee: "Re: RF code scanners"
- Next in thread: Bénoni MARTIN: "RE: Limited vs full blown testing"
- Maybe reply: Bénoni MARTIN: "RE: Limited vs full blown testing"
- Reply: Jerry Shenk: "RE: Limited vs full blown testing"
- Reply: Richard Rager: "Re: Limited vs full blown testing"
- Reply: Peter Wood: "Re: Limited vs full blown testing"
- Maybe reply: Martin Murray-Brown: "RE: Limited vs full blown testing"
- Maybe reply: El C0chin0: "Re: Limited vs full blown testing"
- Reply: Martin Mačok: "Re: Limited vs full blown testing"
- Maybe reply: Thompson, Jimi: "RE: Limited vs full blown testing"
- Maybe reply: Wayne Wooley: "RE: Limited vs full blown testing"
- Maybe reply: Alan Davies: "RE: Limited vs full blown testing"
- Maybe reply: R. DuFresne: "RE: Limited vs full blown testing"
- Maybe reply: Martin Murray-Brown: "RE: Limited vs full blown testing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 23 Jun 2004 09:27:58 -0700 To: pen-test@securityfocus.com
All,
During my many years of pen testing one common thread when dealing with
customers has been the request to not perform any destructive or DOS
type testing. When I speak of DOS, I'm not talking about DDOS, I'm
talking just a single machine and the tests that can be accomplished
with that machine. IMHO abiding by that request is really short changing
the customer and skewing the results. Additionally a lot of companies
don't want their applications poked at either.
What has been the experience of the members on this list? Do you just
gleefully accept the check and any limitations imposed on testing or do
you push for a "complete" suite of tests?
Thanks in advance!
T
- Previous message: Mister Coffee: "Re: RF code scanners"
- Next in thread: Bénoni MARTIN: "RE: Limited vs full blown testing"
- Maybe reply: Bénoni MARTIN: "RE: Limited vs full blown testing"
- Reply: Jerry Shenk: "RE: Limited vs full blown testing"
- Reply: Richard Rager: "Re: Limited vs full blown testing"
- Reply: Peter Wood: "Re: Limited vs full blown testing"
- Maybe reply: Martin Murray-Brown: "RE: Limited vs full blown testing"
- Maybe reply: El C0chin0: "Re: Limited vs full blown testing"
- Reply: Martin Mačok: "Re: Limited vs full blown testing"
- Maybe reply: Thompson, Jimi: "RE: Limited vs full blown testing"
- Maybe reply: Wayne Wooley: "RE: Limited vs full blown testing"
- Maybe reply: Alan Davies: "RE: Limited vs full blown testing"
- Maybe reply: R. DuFresne: "RE: Limited vs full blown testing"
- Maybe reply: Martin Murray-Brown: "RE: Limited vs full blown testing"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
