On Tuesday 26 November 2002 13:23, SDuffyat_private wrote: > I would say first cover yourself with loads of permissions! Make > sure you have a point of contact that knows what you are doing from > the company your testing. The only other thing I would add to this that has not already been stated is that if your client is hosting mail or web services off-site, you'll need to make sure that you get authorization from the off-site provider as well. There are a number of hosting providers and ISP's that will only allow testing with their consent, and only then if the server is dedicated to the one client and not shared with any others. Don't just assume that if your principle client gives you permission to test that you have carte blanche to test anything that that has their name on it. Tom ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sat Nov 30 2002 - 12:09:23 PST