RE: Pre-Scanning for Marketing

From: Nathan Einwechter (nathan@ontologystream.com)
Date: Tue Jan 10 2006 - 17:50:53 EST

• Next message: Thor (Hammer of God): "Re: VIAGRA $2.60"
• Previous message: John: "RE: Pentesting a WEP-protected wifi network"
• In reply to: Password Crackers, Inc.: "Pre-Scanning for Marketing"
• Next in thread: Kurt Seifried: "Re: Pre-Scanning for Marketing"
• Reply: Kurt Seifried: "Re: Pre-Scanning for Marketing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Very... Very.. VERY bad idea..

This is actually a good way to get a bad name in an area, in my
experience. I've seen a number of companies do this, and it really makes
clients go "What? What were you doing scanning our systems?" and lose
trust in a consultant. A lot of people don't understand the difference
between a scan and hacking, and if the potential client is one of those
people, it's even worse.

I HIGHLY discourage using this method.

-- Nathan

-----Original Message-----
From: Password Crackers, Inc. [mailto:pwcrack@pwcrack.com]
Sent: January 10, 2006 10:11 AM
To: pen-test@securityfocus.com
Subject: Pre-Scanning for Marketing

I am interested if anyone on the list has ever tested or implemented a
marketing program that involved pre-scanning (wired or wireless) a
prospect
and then sending a letter or email describing potential vulnerabilities
and
offering assistance in closing these vulnerabilities. I have never done
this because of the anticipated negative reaction, but I am curious as
to
what the outcome was if anyone else has done it. Single instances would
be
interesting, but I am more curious if anyone has implemented this in a
more
broad-based way and has positive and/or negative response rate
statistics.

Bob Weiss
Password Crackers, Inc.

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: Thor (Hammer of God): "Re: VIAGRA $2.60"
• Previous message: John: "RE: Pentesting a WEP-protected wifi network"
• In reply to: Password Crackers, Inc.: "Pre-Scanning for Marketing"
• Next in thread: Kurt Seifried: "Re: Pre-Scanning for Marketing"
• Reply: Kurt Seifried: "Re: Pre-Scanning for Marketing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:22 EDT