Where is secreview when you actually need them? After the useless thread about gmail blah blah I decided to check out http://www.secnap.com/ and all I can say is WHAT THE FUCK.
The first lines of their website: "The Internet comes with built in threats from hackers, industrial Espionage, spyware and employee abuse." Sounds like some homeland security brochure Followed shortly by: "Our Managed IPS solution includes our patent pending HackerTrap™ IPS that will block external attacks as well as protect your company from employee abuse and loss of confidential information. " I would love to see some proof of them stopping confidential information from being gathered over an internal network, but based on their site I am sure this is more BS anyway. Then I browse to: http://www.secnap.com/services.php?pg=3 "Are you aware that there are an estimated 100,000 hackers on the Internet today, actively scanning government and corporate networks, looking for vulnerabilities they can exploit to gain access to critical corporate information?" Speaks for itself.... If you follow the link on this page you find a pdf here: http://www.secnap.com/pdfs/pentest.pdf Where it details how they will run public vulnerability scanners and compare your banners to known vulnerable services. Who are the script kiddies here again? This company is trash and their members should not be allowed to post on this list. They are Homeland Security/George Bush type fear mongering retards trying to make a buck and scare people into their nonsense. Looking at their site they are another group of paid script kiddies in business suits. You better hope that one of "100,000 internet hackers" don't have any exploits that aren't covered by nessus or secnap will not be able to protect you anymore.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/