Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Spam: what to do it illegal activity found during pen-test

from [Craig Wright] Network Security [Permanent Link]
Subject: RE: Spam: what to do it illegal activity found during pen-test
Date: Sat, 3 Jun 2006 08:33:30 +1000 

Hi,
One of the issues with people who have never worked as auditor but are in pen 
testing occurs in this situation. 
 
There are a few things to be considered. In cases where there is a serious 
criminal offense you have no choice (at least legally) but to go to senior 
management and the police. Senior management need to be approached first and 
the incident needs to be handled in a manner which will not impune the 
integrity of the evidence. If senior management are likely to be involved this 
must be escalated to board level.
The nature of these types of crimes are those such as child porn. Serious 
offenses are defined under the Crimes Act.
 
In other cases, the response will vary dependant on the level of materiality. 
Any incident that may have a material impact on the company must be actioned. 
In cases where there is no material impact the incident must be escalated.
 
Additionally, if the company has a (valid) incident response policy and 
procedure, than this should be used where applicable.
 
As a final note, remember that if you fail in your duty to report this and it 
later comes out, you could be criminally liable yourself and at the least 
liable for tortious negligence civilly.
 
Regards,
Craig

        -----Original Message----- 
        From: Robin Wood [mailto:dninja@gmail.com] 
        Sent: Fri 2/06/2006 6:50 PM 
        To: pen-test@securityfocus.com 
        Cc: 
        Subject: Spam: what to do it illegal activity found during pen-test
        
        

        Hi
        I was wondering the other day, what should I do if during a pen test I
        found some illegal activity (internal, not from hackers) on the
        network being tested. My initial
        thought was report it to the police and let them sort it out but then
        thought I suppose that depends on the activity taking place. One one
        hand you could find a ftp site with a couple of movies on, the other
        you could find a website full of child porn. The first may just need a
        mention to the company IT staff, the second would definitely warrant
        police attention.
        
        Talking to someone they suggested the case where a web cam was being
        used to watch women's toilets. Should that be reported to the company
        first to stop the activity, then to the police, or could reporting it
        to the company give the perpetrator time to clean up their activities.
        
        All this is just idle questions at the moment but I'm curious to see
        if anyone has come across this kind of situation and how did they
        dealt with it. As I'm in the UK I'm particularly interested in any UK
        stories.
        
        Robin
        
        
------------------------------------------------------------------------------
        This List Sponsored by: Cenzic
        
        Concerned about Web Application Security?
        Why not go with the #1 solution - Cenzic, the only one to win the 
Analyst's
        Choice Award from eWeek. As attacks through web applications continue 
to rise,
        you need to proactively protect your applications from hackers. Cenzic 
has the
        most comprehensive solutions to meet your application security 
penetration
        testing and vulnerability management needs. You have an option to go 
with a
        managed service (Cenzic ClickToSecure) or an enterprise software
        (Cenzic Hailstorm). Download FREE whitepaper on how a managed service 
can
        help you: http://www.cenzic.com/news_events/wpappsec.php
        And, now for a limited time we can do a FREE audit for you to confirm 
your
        results from other product. Contact us at request@cenzic.com for 
details.
        
------------------------------------------------------------------------------
        
        


Liability limited by a scheme approved under Professional Standards Legislation 
in respect of matters arising within those States and Territories of Australia 
where such legislation exists.

DISCLAIMER
The information contained in this email and any attachments is confidential. If 
you are not the intended recipient, you must not use or disclose the 
information. If you have received this email in error, please inform us 
promptly by reply email or by telephoning +61 2 9286 5555. Please delete the 
email and destroy any printed copy.  

Any views expressed in this message are those of the individual sender. You may 
not rely on this message as advice unless it has been electronically signed by 
a Partner of BDO or it is subsequently confirmed by letter or fax signed by a 
Partner of BDO.

BDO accepts no liability for any damage caused by this email or its attachments 
due to viruses, interference, interception, corruption or unauthorised access.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • RE: Spam: what to do it illegal activity found during pen-test, Craig Wright <=
Previous by Date:  Some new SSH exploit script?, Sekurity Wizard
Next by Date:  Re: what to do it illegal activity found during pen-test, mis
Previous by Thread:  Some new SSH exploit script?, Sekurity Wizard
Next by Thread:  Blackhat USA 2006 - Review , remarks and proposal agenda, newslist@security-briefings.com
Indexes:  [Date] [Thread] [Top] [All Lists]