Sadly, most industry standards have always been purchase only. It is normally meant to be a revenue mechanism for the standards body so that it can be somewhat 'independant' of sponsors. On Fri, 9 May 2003, Richard Ginski wrote: >Since many pen tests/vulnerability assessments can be based on >ISO17799, I am asking this list for information. > >I have looked all over for a copy of this "industry standard". The only >places I have found it offered is where it is offered as a >purchase....along with a toolkit. Seems to me that if you have an >"industry standard' it should be freely available so that "industry" >can follow it. Otherwise, if the only means to obtain the standard is >by purchasing, it should be considered a proprietary work and not an >"industry standard". (my .02) > >I am only interest in downloading/reading the standard. Can someone >please provide a link to where the standard is freely downloadable? >Thanks in advance. > > >--------------------------------------------------------------------------- >Did you know that you have VNC running on your network? >Your hacker does. >Plug your security holes. >Download a free 15-day trial of VAM: >http://www.securityfocus.com/StillSecure-pen-test >---------------------------------------------------------------------------- > > -- Stephen John Smoogen smoogenat_private Los Alamos National Labrador CCN-5 Sched 5/40 PH: 5-8058 Ta-03 SM-261 MailStop P208 DP 17U Los Alamos, NM 87545 -- So shines a good deed in a weary world. = Willy Wonka -- --------------------------------------------------------------------------- Did you know that you have VNC running on your network? Your hacker does. Plug your security holes. Download a free 15-day trial of VAM: http://www.securityfocus.com/StillSecure-pen-test ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Sun May 11 2003 - 09:59:05 PDT