I'd probably argue with two sets.
Set 1 conatins anyone using tools to scan for holes, find them, patch them.
Probably a no-brainer. The person doesn't even have to know all the attack
variants available through one hole, as he plugged it.
Set 2 contains professionals who crack any site.
Of course, the existence of Set 2 is debatable. In any good security
architecture, it shouldn't be discounted, unless you're sure you won't be a
target by organized crime, the feds or a foreign spy agency.
Check out the Network Security article on Penetration Testing at all.net
cu
-pete
> -----Urspr�ngliche Nachricht-----
> Von: rich [SMTP:[EMAIL PROTECTED]]
> Gesendet am: Donnerstag, 1. April 1999 04:36
> An: [EMAIL PROTECTED]
> Betreff: Re: Hacking Contest ?
>
> Ok, I have to get in on this one --- as my curiosity is peaked...
>
> As many of you brought up -- how, other than the obvious
> contest, or similar, do you weed out the kiddies from the
> hackers?
>
> The reason I would ask this is simple -- Is someone who uses
> a hammer to pound a nail into a board a "kiddie" or a carpenter?
> Would you expect the carpenter to know which "tools" work for which
> task? I would.
>
> Now, just because someone uses "tools" does not make them a
> "kiddie" (or does it, that is what I am asking). The real test, IMHO,
> is what you are able to do with the results of these tools.
>
> This is also where you benifit. If I want to hire someone and they
> can prove to me they know what the results from nmap, nessus, ogre,
> etc, really means and can do something with it to shore up my server,
> then, call them a script kiddie if you wish, but to me they have simply
> shown that they know how to use tools.
>
> I would not expect a carpenter to "assemble the hammer" first, before
> putting a nail in a board...
>
> But, this is a question, and issue I would like to open up to discussion,
> as
> I believe it directly relates to the problem of the hacking contest..
>
> ( But then I could be wrong... I have been before.. *smile* )
>
> regards,
> r
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
