Firewalls: Freelance internal hacking a bad idea (was: Exposing fraudulent SA's)

Firewalls
(January 1998)

Indexed By Thread: [Previous] [Next]

Subject:	Freelance internal hacking a bad idea (was: Exposing fraudulent SA's)
From:	"John Pettitt" <jpp @ cybersource . com>
Date:	Wed, 14 Jan 1998 05:14:36 -0800
To:	<firewalls @ greatcircle . com>
Cc:	<daemond @ ibm . net>

Jim Raykowski <jimrski @
 cts .
 com> wrote in reply to Geoff Gowey
daemond @
 ibm .
 net with suggestions to hack te interal net then show the SA's
and/or management.

This is A BAD IDEA(tm) hacking the interal net without an explicit
(preferably written) OK from management is a good way to get fired and/or
end up in court.    If the SA's are not a stupid as you think and they spot
you the excuse that you were running a seurity check is probably not going
to fly

Better to write to management (and keep a copy) telling them that you
suspect poor security and suggesting an independent audit (which you will
carry out).   You many not get the audit but your letter will be on file if
it hits the fan later.

John

Follow-Ups:

Re: Freelance internal hacking a bad idea (was: Exposing fraudulent SA's)
From: Timothy J Luoma <luomat @ peak . org>

Indexed By Date	Previous:	[no subject] From: "Earl Meck" <earme @ ausc-nt1 . aus . swr . irs . gov>
Indexed By Date	Next:	RE: IP addresses From: Martin Hepworth <martin . hepworth @ blackwell . co . uk>
Indexed By Thread	Previous:	Re: your mail From: Ken Williams <jkwilli2 @ unity . ncsu . edu>
Indexed By Thread	Next:	Re: Freelance internal hacking a bad idea (was: Exposing fraudulent SA's) From: Timothy J Luoma <luomat @ peak . org>