Hi,
In my personal opinion, you should mention in general somewhere in CV that you
can do something like this also, DONOT EVER WRITE THE NAME OF UNIVERSITY and
actual facts, and if at all you are called for interview, share your experience
there (only after you asked specifically for you first hand experience of
security at the university). That would definitely help you out.
Regards,
Lalit Gupta, Specialist-Information Security
Great LGSI Great Security
-----Original Message-----
From: PCSC Information Services [mailto:info@pcsage.biz]
Sent: Wednesday, March 22, 2006 1:08 AM
To: Matthias Güntert
Cc: security-basics@securityfocus.com
Subject: Re: application for an employment
Matthias et al,
I don't know if this is an ethical practice for a security
administrator to undertake at all,
let alone in the context of pre-employment research. I echo the
sentiments of most
respondents in that it's not information that's relevant to your
application for employment
nor is it representative of the ideal ethical standards by which
you're no doubt holding
yourself.
It's important to discuss your skillset including the use of security
tools, and
understanding of current best practices and methodologies. How you
brought these
skills to bear on an already unfortunate situation could
deleteriously impact your
application here. Clearly you have some insights that the University
could benefit from
and having some prior knowledge is beneficial immediately should you
become
employed by them, however, disclosing the information before your
even employed by
the University could raise ethical questions that I'm sure you're not
wanting to answer.
Sincerely,
Sean Swayze
PCSC Information Services
On 20-Mar-06, at 7:45 AM, Matthias Güntert wrote:
Dear listmembers,
i am seeking for a new job as a Unix/Linux systemadministrator. There
has been an advertisement at a well known university. So I started to
prepare my self for the application. While collecting some information
about the network, using nmap, dig, etc... I was able to read the
whole
namespace from the ip range (255.255.0.0)
My question is should I use some of the information I have found
out to
push my application forward? What do you think how a director would
react?
--
Mit freundlichen Grüßen
Matthias Güntert
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
#########################################################
THIS EMAIL MESSAGE IS FOR THE SOLE USE OF THE INTENDED
RECIPIENT(S) AND MAY CONTAIN CONFIDENTIAL AND PRIVILEGED
INFORMATION. ANY UNAUTHORIZED REVIEW, USE, DISCLOSURE OR
DISTRIBUTION IS PROHIBITED.BEFORE OPENING ANY ATTACHMENTS
PLEASE CHECK FOR VIRUSES AND DEFECTS.IF YOU ARE NOT THE
INTENDED RECIPIENT, PLEASE NOTIFY US IMMEDIATELY BY REPLY
E-MAIL AND DELETE THE ORIGINAL MESSAGE.
##########################################################
