On Fri, 02 Jun 2006 08:54:23 +0800, Nightfall Nightfall said: > Is it illegal if I perform a vulnerability scan on a site without > permission from the owner? How about a simple port scan? thanks. Rule 0 of a pen test: *ALWAYS* have a *written* "Get Out Of Jail Free" card before doing anything, unless it is your own *personal* machine. This includes machines owned by your employer (ask Randal Schwartz about this one). Phrased differently - do you really want to gamble spending the next 3-5 with a big hairy dude named Bubba?
Attachment:
pgpu5lsLwkMSc.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/