RE: pen test
- From: "Worrell, Brian" <BWorrell@xxxxxxxxxxx>
- Date: Tue, 11 Dec 2007 07:13:41 -0500
Michael,
Am I wrong, but there are lots of practices and in some cases laws that
say that you need to run vulnerability assessments to be compliant.
If you were to ask you web host in writing before doing it, that should
solve the possible "legality" issue that it sounds like you talking
about.
As far as I know, White Hat hacking has never been illegal, if done
correctly and above board. If it was, why would SANS and other offer
Certified Hacker classes and certs?
Thanks
Brian
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Michael R. Martinez
Sent: Monday, December 10, 2007 7:54 PM
To: Marty Resnick; listbounce@xxxxxxxxxxxxxxxxx; security-basics
Subject: Re: pen test
Marty,
absolutely not, this is called hacking. Pen testing is actively
exploiting a server, identifying a weakness exploiting gaining access.
Are you talking about scanning ports? Could you provide a little more
detail. If you mean pen-testing, then the answer is no.
Cheers
------Original Message------
From: Marty Resnick
Sender: listbounce@xxxxxxxxxxxxxxxxx
To: security-basics
Sent: Dec 10, 2007 9:35 AM
Subject: pen test
Am I able to pen test or run a vulnerability assessment on my web
hosting company. I got the idea after reading this article.
http://www.securitypark.co.uk/Security_article.asp?articleid=260173
--
Marty Resnick
Techmaking Inc.
(877) 291-1110 (office)
(661) 209-2089 (mobile)
(805) 512-9603 (fax)
marty@xxxxxxxxxxxxxx
Michael R. Martinez
TF: 800-987-7307
- Follow-Ups:
- RE: pen test
- From: Craig Wright
- Re: pen test
- From: Serg B
- Re: pen test
- From: Michael R. Martinez
- RE: pen test
- References:
- Re: pen test
- From: Michael R. Martinez
- Re: pen test
- Prev by Date: SSL VPN's from LAN to WAN
- Next by Date: Re: pen test
- Previous by thread: Re: pen test
- Next by thread: Re: pen test
- Index(es):
Relevant Pages
|
