RE: Blue Team ROE

From: Angelacci, Anna M CTR SPAWAR, J616 (anna.angelacci@navy.mil)
Date: Mon Mar 12 2007 - 08:23:41 EST


Plan
Prepare letter of consent, and letter of instruction. Blue teams do not
penn test, Red teams do. Blue teams detect, protect, react, and recover.
With your current methodology, you could lose your work.

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of mesenbrink@hotmail.com
Sent: Thursday, March 01, 2007 2:45 PM
To: pen-test@securityfocus.com
Subject: Blue Team ROE

List,

I wanted to send out a general email asking the members of this list
their professional opinions on being limited during a Blue Team
pen-test. I have a govt customer that is trying deny us the ability to
remove password hashes/files from the system for cracking, write
procedures for every tool/exploit that could be possibly executed, not
allow the loading of any tools/exploits on target systems, things like
that..... Of course my reaction is that my company will not perform the
assessment with such restrictions, what are some thoughts from this list
on this subject?

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016
00000008bOW
------------------------------------------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:39 EDT