RE: Pre-Scanning for Marketing

I believe unless the owner were legally (i.e. financially) responsible
for their security flaws such pre-scanning would be useless.

Moreover penetration testing without written permission in advance might be legally
turned against the tester.

In majority of cases I got negative/zero reaction so I would not bother.

-----Original Message-----
From: Password Crackers, Inc. [mailto:pwcrack@xxxxxxxxxxx]
Sent: Tuesday, January 10, 2006 5:11 PM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: Pre-Scanning for Marketing


I am interested if anyone on the list has ever tested or implemented a
marketing program that involved pre-scanning (wired or wireless) a prospect
and then sending a letter or email describing potential vulnerabilities and
offering assistance in closing these vulnerabilities. I have never done
this because of the anticipated negative reaction, but I am curious as to
what the outcome was if anyone else has done it. Single instances would be
interesting, but I am more curious if anyone has implemented this in a more
broad-based way and has positive and/or negative response rate statistics.

Bob Weiss
Password Crackers, Inc.


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Relevant Pages

  • RE: Pre-Scanning for Marketing
    ... installer there were some Security issue, ... vulnerabilities are easily and efficiently identified. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)
  • RE: Penetration test of 1 IP address
    ... You could use a whole sleth of tools on some server, ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Check your website for vulnerabilities to SQL injection, ... Up to 75% of cyber attacks are launched on shopping ...
    (Pen-Test)
  • RE: Pre-Scanning for Marketing
    ... Subject: RE: Pre-Scanning for Marketing ... even though certainly vulnerabilities are ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, forms, ...
    (Pen-Test)
  • RE: Pre-Scanning for Marketing : Analogy Day
    ... of demonstrating vulnerabilities people "need" to know about. ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping carts, ... Check your website for ...
    (Pen-Test)
  • RE: Pre-Scanning for Marketing
    ... vulnerabilities are easily and efficiently identified. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ...
    (Pen-Test)