From: Security Guy (security@sligoinc.com)
Date: Mon Mar 05 2007 - 13:38:51 EST
> Produce a report for the company explaining how you could take control
> of or pull information from their systems using the results of your
> legal scan.
>
> Any IT manager/leader/security bod should take your report seriously
...and could call the FBI/MI5/Statsi or whatever your local
constabulary is called and have you arrested under various computer
mis-use legislation. It's certainly best to obtain permission first
before doing anything whatsoever. Any legitimate pen-tester will get a
signed contract before as much as a ping scan.
I don't like the 'locked/unlocked doors' analogy. I prefer a window:
peering in someone's windows _will_ get you arrested if you linger
long enough (no, pun not intended)
-Karl
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:38 EDT