I disagree (somewhat). While I think the boss is throwing money away if he
paid before success, lots of highly successful companies pay "Tiger Teams"
to break into their networks. It's a VERY lucrative talent if you can do
it. What's worse is these teams usually get in. Many sites are built on
servers that aren't properly secured. Whether it's because they were in a
hurry or just learned HTML and now CFML and don't have time to learn system
security, the doors are there. You'll also be amazed how many employees
will actually give things out over the phone. It's scary.
So it's actually a good idea for the boss to want this tested . . . but if
he's going to invite this, he should only pay a bounty if the "hacker" can
successfully document the attack, and give extra if he can give guidance as
to how to prevent it.
--Doug
-----Original Message-----
From: Duane Boudreau [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 04, 2000 11:07 AM
To: [EMAIL PROTECTED]
Subject: RE: Security holes revisited -- reward offered
Nick,
If your boss was willing to do this, I'd seriously consider quitting if I
were you. There are tones of jobs out there.
Duane
-----Original Message-----
From: Nick Call [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 04, 2000 11:44 AM
To: [EMAIL PROTECTED]
Subject: Security holes revisited -- reward offered
Ok, fellow Listees, here's the deal...
My boss's daughter has a boyfriend.. (can you smell the trouble
already???). He is bent out of shape over the fact that I did not recommend
that we hire him (I interviewed him and gave his skill sets an honest,
thorough exam). He is good at A/V stuff, but his web experience/database
experience is null. Anyway, back to the situation...... He has convinced
the boss to pay him 2 grand to attempt to hack the system I built. He
claims to be a super hacker, blah, blah, blah. I am not too confident that
he can do it, but there is a small chance....
Multiple minds are better than one. I have gone over and over all the stuff
I know, but I am more than likely missing some stuff. Anyone care to share
their CF/NT/IIS security checklist or other advice?
It's escalated into all-out war. He is going to stop at nothing to make me
look bad, and I will stop at nothing to prevent him from succeeding.
Thanks in advance. I will custom print 5 free T-shirts with your logo (in
one color) on them if you give me advice that plugs up a hole that I didn't
know about.
Thanks in advance.
Nick Call
[EMAIL PROTECTED]
http://www.graphixonline.com
----------------------------------------------------------------------------
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
----------------------------------------------------------------------------
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
