Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Can you hack our web?

Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> contributed wisdom to  
news:divhvh$2vcm$1@xxxxxxxxxxxxxxxxx:

> What if the hack was requested by the tester for the sake of defence from
> real attack? That what white-hats are for.

Thats true. But we get many requests to "hack my machine" where the request 
doesnt come from the root address on that machine. Usually its not from 
that machine at all. So its as if some child on a street corner walks up 
and hands you a rock and says "Test the shatter proof glass on my house. 
Its that one there. Really its OK because I told you to do it."  :)

Of course even a root account doesnt mean that its the real owner. And 
often a probe could cause you to cross the line with a company where the 
admin has asked too much without permission, or cause us to violate the 
boundaries of an ISP who might not care who authorized it. I have done some 
probings when contacted by people I trusted but I dont think Ive ever seen 
a public request which has convinced me to do any more than the simple 
scannings which would happen to a system every day.

Gandalf  Parker

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index