what to do it illegal activity found during pen-test

From: Robin Wood (dninja@gmail.com)
Date: Fri Jun 02 2006 - 04:50:39 EDT

• Next message: Max Moser: "New <<BackTrack release announcement"
• Previous message: Vladan Todorovic: "RE: Local Admin"
• Next in thread: Michael Scheidell: "RE: what to do it illegal activity found during pen-test"
• Maybe reply: Michael Scheidell: "RE: what to do it illegal activity found during pen-test"
• Reply: Dotzero: "Re: what to do it illegal activity found during pen-test"
• Reply: Paul Robertson: "Re: what to do it illegal activity found during pen-test"
• Maybe reply: Craig Wright: "Re: what to do it illegal activity found during pen-test"
• Maybe reply: Craig Wright: "Re: what to do it illegal activity found during pen-test"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi
I was wondering the other day, what should I do if during a pen test I
found some illegal activity (internal, not from hackers) on the
network being tested. My initial
thought was report it to the police and let them sort it out but then
thought I suppose that depends on the activity taking place. One one
hand you could find a ftp site with a couple of movies on, the other
you could find a website full of child porn. The first may just need a
mention to the company IT staff, the second would definitely warrant
police attention.

Talking to someone they suggested the case where a web cam was being
used to watch women's toilets. Should that be reported to the company
first to stop the activity, then to the police, or could reporting it
to the company give the perpetrator time to clean up their activities.

All this is just idle questions at the moment but I'm curious to see
if anyone has come across this kind of situation and how did they
dealt with it. As I'm in the UK I'm particularly interested in any UK
stories.

Robin

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------

• Next message: Max Moser: "New <<BackTrack release announcement"
• Previous message: Vladan Todorovic: "RE: Local Admin"
• Next in thread: Michael Scheidell: "RE: what to do it illegal activity found during pen-test"
• Maybe reply: Michael Scheidell: "RE: what to do it illegal activity found during pen-test"
• Reply: Dotzero: "Re: what to do it illegal activity found during pen-test"
• Reply: Paul Robertson: "Re: what to do it illegal activity found during pen-test"
• Maybe reply: Craig Wright: "Re: what to do it illegal activity found during pen-test"
• Maybe reply: Craig Wright: "Re: what to do it illegal activity found during pen-test"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:01 EDT