Re: "PenTest" a container file

From: Jan Heisterkamp (janheisterkamp@web.de)
Date: Mon Jan 29 2007 - 21:18:50 EST


Javier Fernández-Sanguino wrote:
> Thor (Hammer of God) said:
>>
>> modem. I mean, what kind of application development company using their own
>> encryption algorithm would hire someone to crack it who has to post to
>> PenTest for advice on what his first steps should be?
>
> You will be surprised at the number of companies (even govt's) that do
> not do proper background checking of the companies they hire for
> security. Some companies/agencies just look at the money of the
> proposal and hire the cheapest guys around.
>
> From my experience, some European companies that have to run audits
> every year (typically "summarised" to a pentest) and cannot repeat
> with the same company until X years go by [1] will sometimes contract
> some very lame company with good "presence" and no skills.
>
> Regards
>
> Javier
>
> [1] Due to legitimate concerns of companies "getting comfortable" and
> not doing proper work the second time around.
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
>
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
>
> ------------------------------------------------------------------------
>
>
In my opinion he is a student or something like this and they gave it to
him as a kind of homework.
I recommended to him how to do this, but he disagreed and said that he wanted
to extract the password from RAM [cough...cough]

Regards
Jan




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:33 EDT