Re: Penetration test report - your comments please?

From: Steve Chapin (chapinat_private)
Date: Thu May 31 2001 - 10:22:35 PDT

Next message: Mike Ahern: "Automating Dumping of Passwords From NT Registry"

Previous message: Davis, Scott: "RE: identifying"
In reply to: Steve Skoronski: "RE: Penetration test report - your comments please?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> What approach do most people here take? Generally, because the
> client will depend on you to organize the testing, the choice is
> *usually* yours. What do you think is the best method?

We always ask that our activities be known by the minimum number of
people (usually the CEO and Chief Security Officer of the client).
If the front-line people know that there is a test underway, they
will behave differently.

sc
--
== Steve J. Chapin, President         ==
== RedTeam Consulting Company, LLC    ==
== chapinat_private                 ==

Next message: Mike Ahern: "Automating Dumping of Passwords From NT Registry"
Previous message: Davis, Scott: "RE: identifying"
In reply to: Steve Skoronski: "RE: Penetration test report - your comments please?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu May 31 2001 - 19:23:23 PDT