On Fri, Oct 16, 2009 at 10:39 PM, DTS-Corp (Knowledgebase) <mlists_subs@xxxxxxxxxxx> wrote: > Hey guys. > > I have a server that is owned by me and can confirm through servint that it > is owned by me. > > I would like to do a penetration test and of course to allow you to upload > files on the server and kind of trash it to the point where it is always > restarting and running out of memory etc etc. > > This is going to be mainly script kiddie stuff, however will be able to get > you hired on with me for some other jobs that are invovlving network > security evaluations. > > Here is the server info > Cpanel and WHM running on CentOS > > hostname level1.ixkt.net > IP addresses 64..131.81.30 > 64.131.81.31 > 64.131.81.32 > 64.131.81.30 > > SSH Port is on 3734 > A word of advice to both sender and readers.. do not follow up on this. 1) Penetration tests to have some value must show what was done and what was not done. They must show what steps were taken to reach zero. And then they must be evaluated to see if those steps could have been mitigated. A call for all hackers does not usually get that. 2) Network penetrations need to be done to make sure that you do not violate your SLA with your network provider or cause problems with other customers on that network. It also may violate various laws and statutes of where the co-location is at. 3) While "To catch a thief" is a nice movie.. you are probably not going to run into a Cary Grant type. It is more like you are going to down to a seedy bar in the docks and yelling out "Hey I need someone to rob my house to see if the security system I bought works, and I have a bunch of money on me to pay you." 4) It has become a common ploy to get people to attack another person's network by registering that they 'own' the space etc. Everyone from Russian gangs to local police use it at one point or another. Professional security people who aren't looking to spend time in prison will make sure that there is a legitimate contract in place and that the client is aware of the various risks involved. -- Stephen J Smoogen. Ah, but a man's reach should exceed his grasp. Or what's a heaven for? -- Robert Browning _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos