Re: Pen Test mistake

From: Jonathan Rickman (jonathanat_private)
Date: Thu Aug 21 2003 - 12:24:39 PDT

Next message: Kurt Seifried: "Re: Pen Test mistake"

Previous message: Jeff Steeves: "Re: Pen Test mistake"
In reply to: Jeff Johnson: "Pen Test mistake"
Next in thread: Ranjeet Shetye: "Re: Pen Test mistake"
Next in thread: Kurt Seifried: "Re: Pen Test mistake"
Reply: Ranjeet Shetye: "Re: Pen Test mistake"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday 21 August 2003 00:47, Jeff Johnson wrote:

> How do you handle this situation?

Honestly, I am so paranoid about this that I have always used firewall rules 
(either on the pen-test machine, or a separate device) to ensure that I 
stay "on target."

> Anyone else have any better advice?

Consult an attorney before initiating contact with the accidental victim.

-- 
Jonathan Rickman
X Corps Security
http://www.xcorps.net



---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world<92>s premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symanetc is the Diamond sponsor.  Early-bird registration ends September 6 Visit: www.blackhat.com
----------------------------------------------------------------------------

Next message: Kurt Seifried: "Re: Pen Test mistake"
Previous message: Jeff Steeves: "Re: Pen Test mistake"
In reply to: Jeff Johnson: "Pen Test mistake"
Next in thread: Ranjeet Shetye: "Re: Pen Test mistake"
Next in thread: Kurt Seifried: "Re: Pen Test mistake"
Reply: Ranjeet Shetye: "Re: Pen Test mistake"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 21 2003 - 12:35:37 PDT