Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: application for an employment

from [Craig Wright] Network Security [Permanent Link]
Subject: RE: application for an employment
Date: Tue, 28 Mar 2006 10:07:34 +1100 

Assuming again that all points are public. An Internet connected host
may not be public. An example of this world include a VPN server or a
OWA system even. These could be on a separate non-private VPN making
them private and not public. How do you know what is "public" and what
is "private". Further if private and public services are on the same
host but using differently ports you may just be asking for trouble.

Still it is a little risky for me. I have do a lot of valid tests where
taking all precautions a system had rebooted. Criminally charged because
of an accident is not a case I would like to be in. Being that the
action is going to be held as negligent than you are still likely to be
found guilty if damage was proved from the outage (a fair possibility
dependant on the system).

Again, A simple SYN scan is not likely to get you into trouble - but why
take the risk. A Nessus scan does far more than this and checking
vulnerabilities requires that a connection is made in most instances.

At the end of the day much of this will depend on the ability of the
lawyers on each side and if the prosecutor has a point to make.


From a point of hiring the person, the risk is above the limit I would

accept and this means that they would not have a hope of getting my
sign-off.

Being that I work for a professional services firm (Chartered), the acts
and standards that apply to the profession would not allow this type of
action, so how could we take a risk to the firm (different to a Uni of
course) that the prospect would amend his/her ways?

Regards
Craig

-----Original Message-----
From: Soderland, Craig [mailto:craig.soderland@sap.com]
Sent: 28 March 2006 9:54
To: Craig Wright
Subject: RE: application for an employment

Craig,

        All valid points. But, One point to contend with is that, if he
is crossing the public network to conduct a port scan on the public
segment, then in effect he is not crossing private property.

        this would be analogous to you walking down the street and
knocking on the doors to shops. If I know and see that the door is open
when I believe it should be closed, there can be no trespass as I have
of yet not crossed into the private arena.

        This would be analogous to scanning a public web site and seeing
that the server was listening on 135/139 TCP. Unless the server Reboots,
there is no harm, and since it is a public facing system, there can be
no trespass, unless I attempt to establish a connection. If I do a Syn
scan there is no possible chance of a connection, only a confirmation of
what the server is listening to and responding on.

        At this point I believe a prosecutor would be hard pressed to
prove trespass, and providing a reboot did not occur at this time prove
harm. Though like you said companies like Sony who have deep pockets may
not try to throw money at the situation to prove otherwise.


Cheers!


Liability limited by a scheme approved under Professional Standards Legislation 
in respect of matters arising within those States and Territories of Australia 
where such legislation exists.

DISCLAIMER
The information contained in this email and any attachments is confidential. If 
you are not the intended recipient, you must not use or disclose the 
information. If you have received this email in error, please inform us 
promptly by reply email or by telephoning +61 2 9286 5555. Please delete the 
email and destroy any printed copy. 

Any views expressed in this message are those of the individual sender. You may 
not rely on this message as advice unless it has been electronically signed by 
a Partner of BDO or it is subsequently confirmed by letter or fax signed by a 
Partner of BDO.

BDO accepts no liability for any damage caused by this email or its attachments 
due to viruses, interference, interception, corruption or unauthorised access.

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Entry Level Certifications, Clinton Smith
Next by Date:  RE: tool to construct custom packets, Mark Spivey
Previous by Thread:  RE: application for an employment, Craig Wright
Next by Thread:  RE: application for an employment, Craig Wright
Indexes:  [Date] [Thread] [Top] [All Lists]