Re: How much do you disclose to customers?

From: fergus (fergus@cobbled.net)
Date: Fri Dec 19 2003 - 09:39:42 EST


joe,

i would suggest that you agree with management
which addresses you will probe from but ensure
that administrators do not know.

they should follow normal response procedure
against the attack - however, resulting legal
action would be stopped by management as they
would know.

fergus

On 18.12-13:13, Alfred Huger wrote:
>
>
> I am posting this for a user who is having difficulty posting directly to
> the list. Please reply to the list.
>
> -al
>
>
> To: Joe P <joe_nasdaq@yahoo.com>
> Cc: pen-test@securityfocus.com
> Subject: Re: How much do you disclose to customers?
>
>
> On Tue, 16 Dec 2003, Joe P wrote:
>
> > Hi everyone,
> >
> > I have a question on customer disclosure. Is it wise to tell the
> > customer which IP addresses you'll be
> > using before starting pen tests?
> >
> > Cons for Telling:
> > I was thinking that if you did tell them you may get an overzealous,
> > insecure admin that just sets up a
> > filter to block you out to make him/herself look good.
> >
> > Pros for Telling:
> > 1) if you don't tell them your IP address they may think you're doing
> > testing when in actuality it's someone
> > else (ie: a true cracker trying to break in).
> > 2) Audit trail reasons - if you trip up an IDS while doing testing they
> > can ignore those alarms.
> >
> > Also, how do testers handle multiple IP addresses? Is there any benefit
> > to doing it from multiple IP
> > addresses??
> >
> > How do testers distribute a test amongst multiple people?
> >
> > Lastly, do you keep logs of tests performed just to cover yourself?
> > (Ie: "Our server crashed on Saturday,
> > it must have been something you did!!")
> >
> > thanks ahead of time,
> > Joe
> >
> >
> >
>
> Alfred Huger
> Symantec Corp.
>

-- 
: fergus cameron                :   [ .]        cobbled    :
: ^^^^^^@cobbled.net            : [ ~][ ]             .net :