From: Stephen Smoogen (smoogen@lanl.gov)
Date: Fri May 09 2003 - 15:30:01 EDT
Sadly, most industry standards have always been purchase only. It is
normally meant to be a revenue mechanism for the standards body so that
it can be somewhat 'independant' of sponsors.
On Fri, 9 May 2003, Richard Ginski wrote:
>Since many pen tests/vulnerability assessments can be based on
>ISO17799, I am asking this list for information.
>
>I have looked all over for a copy of this "industry standard". The only
>places I have found it offered is where it is offered as a
>purchase....along with a toolkit. Seems to me that if you have an
>"industry standard' it should be freely available so that "industry"
>can follow it. Otherwise, if the only means to obtain the standard is
>by purchasing, it should be considered a proprietary work and not an
>"industry standard". (my .02)
>
>I am only interest in downloading/reading the standard. Can someone
>please provide a link to where the standard is freely downloadable?
>Thanks in advance.
>
>
>---------------------------------------------------------------------------
>Did you know that you have VNC running on your network?
>Your hacker does.
>Plug your security holes.
>Download a free 15-day trial of VAM:
>http://www.securityfocus.com/StillSecure-pen-test
>----------------------------------------------------------------------------
>
>
-- Stephen John Smoogen smoogen@lanl.gov Los Alamos National Labrador CCN-5 Sched 5/40 PH: 5-8058 Ta-03 SM-261 MailStop P208 DP 17U Los Alamos, NM 87545 -- So shines a good deed in a weary world. = Willy Wonka -- --------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes. Download a free 15-day trial of VAM: http://www.securityfocus.com/StillSecure-pen-test ----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:33 EDT