RE: Penetration test of 1 IP address

From: T0aD (toadko@gmail.com)
Date: Thu Feb 09 2006 - 04:10:52 EST

• Next message: DokFLeed: "Re: Rainbow Tables"
• Previous message: Anders Thulin: "RE: Penetration test of 1 IP address"
• Maybe in reply to: Edmond Chow: "RE: Penetration test of 1 IP address"
• Next in thread: Sels, Roger: "RE: Penetration test of 1 IP address"
• Reply: Sels, Roger: "RE: Penetration test of 1 IP address"
• Reply: Erin Carroll: "RE: Penetration test of 1 IP address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello all,

Really Im a bit surprised to see you guys taking in consideration such
questions.
I mean, Im not ok against beginners questions, thats not the point,
there is no guru nor beginners, we are here with differents
experiences and levels of knowledge (maybe Im better cook than aleph
one !), but sometimes we have to understand what we're doing when
giving away some information to some people.

Here we have some guy, working for some company, having a customer's
problem to resolve, thats to say to provide a pentest of a IP address.
That is fine. The problem being: where is the precise question ?
Should we help him to 'automate' some pentest ? Should we teach him
how to actually do his job ? What kind of company is giving its
customers such a poor service like assigning an employee with no clue
how a pentest could be done ?

Its like asking me to make some accounting for a company, I dont have
the professionnal knowledge about it. You really think it would be
fair for me to be able to invoice some customers for accounting ? In
my world, it's definitely not.
Do you really want to help such companies to spread and making fake
and pretending people richer ? Me definitely not.

Nothing against you edmond, don't take it personaly but if you are not
skilled enough to even start a pentest, refuse it, except if the
customer is aware of it and is kind enough to give you money to train
yourself, otherwise be aware you're stealing someone.

I think I was nice enough to get published here, maybe Im too
idealistic or whatever, but at least I wanna know what you think about
it or if Im missing a point somewhere.

Have a nice day.

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Next message: DokFLeed: "Re: Rainbow Tables"
• Previous message: Anders Thulin: "RE: Penetration test of 1 IP address"
• Maybe in reply to: Edmond Chow: "RE: Penetration test of 1 IP address"
• Next in thread: Sels, Roger: "RE: Penetration test of 1 IP address"
• Reply: Sels, Roger: "RE: Penetration test of 1 IP address"
• Reply: Erin Carroll: "RE: Penetration test of 1 IP address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:28 EDT