Penetration Testing mailing list archives

Re: [PEN-TEST] Contract/disclaimer for penetration testers

From: John Martin <john.martin () MARCONI COM>
Date: Sat, 13 Jan 2001 18:26:39 -0000

Hi

Try www.maxvision.net/

This question also raises issues about the forthcoming RIP law in UK, which
comes into force in June 2001.  Does this law affect existing
authorisation/liability contracts, when conducting Penetration testing,
particularly externally via an ISP?  If so, how can we protect ourselves?
What needs to be changed in existing contracts?





-----Original Message-----
From: Allan Pratt [mailto:allan_pratt () HOTMAIL COM]
Sent: 12 January 2001 18:41
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Contract/disclaimer for penetration testers


Hi,

I recollect seeing a few months ago on this list a URL that was posted for a
contract that a penetration testing company had their clients sign.

The contract stated what the penetration testers would do and what other
issues that come up in the process of performing a penetration test.   This
included a liability waiver.

I can't find that posting. Does anyone recollect this URL or a similar
document I can download?

Thanks,

Allan



_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com

Current thread:

Re: [PEN-TEST] Contract/disclaimer for penetration testers John Martin (Jan 15)
- Re: [PEN-TEST] Contract/disclaimer for penetration testers Steve Goldsby (Jan 15)
- <Possible follow-ups>
- Re: [PEN-TEST] Contract/disclaimer for penetration testers Jeff Deitz (Jan 15)
  - Re: [PEN-TEST] Contract/disclaimer for penetration testers Max Vision (Jan 15)
- Re: [PEN-TEST] Contract/disclaimer for penetration testers Jeff Deitz (Jan 16)