I agree with Peter - I don't see a problem with HIRING "hackers." The
problem is when you open a contest to anyone who's interested, there are
no contractual agreements and prosecuting for inappropriate access
becomes exponentially more difficult.
To carry the idea further, the only REAL security assessment you are
going to get is going to be from a "hacker" (and this may require a
definition of a hacker), not someone who has read alot of books.
[EMAIL PROTECTED] wrote:
>
> > -----Urspr�ngliche Nachricht-----
> > Von: Jim Laverty [SMTP:[EMAIL PROTECTED]]
> > Gesendet am: Mittwoch, 7. April 1999 20:19
> > An: [EMAIL PROTECTED]
> > Betreff: Re: AW: Hacking Contest ?
> >
> > I don't see what is wrong with hiring hackers to test your networks and
> > systems. I think the key to this is to actually close up what they find
> > right away and monitor their activities while they are in the system.
> > They
> > are there to make money for themselves (as consultants) and it would be
> > counter productive for them to compromise the systems. If they were
> > caught
> > in the act, you obviously wouldn't hire them again or recommend them to
> > anyone else. This is not to say that it won't happen, but a known evil is
> > better than the unknown.
> >
> [Kunz, Peter] Then I'd recommend some readings on hacker ethics and
> why hackers and crackers do the things they do. The true hacker motivation
> is not personal gain or financial interests, but free availability of all
> information. Soime might try to make a buck along the way.
>
> > I'd rather have someone with experience test my networks and systems
> > internally and externally.
> >
> [Kunz, Peter] And how do you make sure oyu have the right person
> with the proper experience?
>
> cu
> -pete
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
