RE: Pre-Scanning for Marketing

From: Maxim Kostioukov (maxim@francoudi.com)
Date: Thu Jan 12 2006 - 02:52:40 EST

• Next message: Shenk, Jerry A: "RE: Pre-Scanning for Marketing : Analogy Day"
• Previous message: Wolf, Glenn: "RE: Pre-Scanning for Marketing : Analogy Day"
• Maybe in reply to: Password Crackers, Inc.: "Pre-Scanning for Marketing"
• Next in thread: Rapaille Maxime: "RE: Pre-Scanning for Marketing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I believe unless the owner were legally (i.e. financially) responsible
for their security flaws such pre-scanning would be useless.

Moreover penetration testing without written permission in advance might be legally
turned against the tester.

In majority of cases I got negative/zero reaction so I would not bother.

-----Original Message-----
From: Password Crackers, Inc. [mailto:pwcrack@pwcrack.com]
Sent: Tuesday, January 10, 2006 5:11 PM
To: pen-test@securityfocus.com
Subject: Pre-Scanning for Marketing

I am interested if anyone on the list has ever tested or implemented a
marketing program that involved pre-scanning (wired or wireless) a prospect
and then sending a letter or email describing potential vulnerabilities and
offering assistance in closing these vulnerabilities. I have never done
this because of the anticipated negative reaction, but I am curious as to
what the outcome was if anyone else has done it. Single instances would be
interesting, but I am more curious if anyone has implemented this in a more
broad-based way and has positive and/or negative response rate statistics.

Bob Weiss
Password Crackers, Inc.

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Shenk, Jerry A: "RE: Pre-Scanning for Marketing : Analogy Day"
• Previous message: Wolf, Glenn: "RE: Pre-Scanning for Marketing : Analogy Day"
• Maybe in reply to: Password Crackers, Inc.: "Pre-Scanning for Marketing"
• Next in thread: Rapaille Maxime: "RE: Pre-Scanning for Marketing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:21 EDT