Penetration Testing mailing list archives
Re: [PEN-TEST] Ethics Scenario
From: "Gallicchio, Florindo (2282)" <florindo.gallicchio () ESAVIO COM>
Date: Mon, 2 Oct 2000 17:20:21 -0400
We certainly do not do this! I take a very dim view of this type of solicitation. If I were the recipient of the call from a company poking at my site, I'd think the following: 1. The opportunists say they were "just poking around," but I'd wonder if they were doing more than that. I'd probably call the authorities. 2. The opportunists don't know how to legitimately market their services and cold call potential customers. I'd dismiss them as amateurs. I'm not saying that your company is one of these opportunists, but you would certainly look like it to many people. I'd stick with the traditional methods that consulting companies use. Florindo On Mon, 2 Oct 2000, Christopher M. Bergeron wrote:
Here's a scenario that I'd like to get peoples' input on: A) Our company does pen-tests, security auditing etc... B) Our team finds a vulnerability/hole on a website just by poking
around / using the site.
The question is this: Do we tell the website company who we are and that we have discovered
a vulnerability and then offer to provide them assistance with the vulnerability (for pay of course). i.e. offering them a full pen-test or an IDS or something...?
Or does this tend to fall into the "chasing ambulances" type of
business marketing strategy?
Current thread:
- [PEN-TEST] Ethics Scenario Christopher M. Bergeron (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Edward Mitchell (Oct 02)
- Re: [PEN-TEST] Ethics Scenario SM (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Erik Tayler (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Erik Tayler (Oct 02)
- <Possible follow-ups>
- Re: [PEN-TEST] Ethics Scenario Dunker, Noah (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Steve (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Tonick, Mike (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Gallicchio, Florindo (2282) (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Darryl Rathbun (Oct 02)
- Re: [PEN-TEST] Ethics Scenario Spy Fox (Oct 02)