> -----Urspr�ngliche Nachricht-----
> Von: Brian Steele [SMTP:[EMAIL PROTECTED]]
> Gesendet am: Donnerstag, 1. April 1999 03:07
> An: [EMAIL PROTECTED]
> Betreff: Re: Hacking Contest ?
>
> Hmmm - that sounds like me. Basically there were a couple of chaps on the
> list warbling on about the insecurity of MSProxy 2.0, so I invited them to
> put their money where their mouths were by trying to hack a test server I
> set up specifically for that purpose.
>
> A number of people did actually take part in the test, and while no
> vulnerabilities were found with MSP, a DoS attack was found against the
> underlying IIS software (see the GET fix for IIS on microsoft.com).
>
> However, not as much people as I'd expected actually took part - certainly
> I
> don't think any of the anti-MS pontificators did ;-).
>
> Paying a "professional service" to run a penetration test against your
> system sound like an interesting one. How much can one expect to pay for
> this kind of service, and how would you identify if they are
> "professional"
> or not?
>
[Kunz, Peter] From the article I mentioned and other sources
anywhere from $25K to $100k from a 'reputable' firm.
cu
-pete
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
