A blog for the enterprise open source community
Anti-Sniping move on the pen test list, the Daily DaveNick Selby, April 16, 2006 @ 2:12 pm ET
From the Daily Dave, a penetration testing mailing list which has seen a couple vendors snipe back and forth at one another recently about one claiming to have found an exploit in the other’s … uh, whatever. Dave Aitel, CTO of Immunity, Inc., in an effort to settle the issue objectively, writes:
You, the vendor, provide a Virtual Machine, Installer, appliance, or similar object. I run our new MS06-014 exploit through it and tell
everyone how you did. You can do it whenever you want – obviously the public will reward promptness with claps and lateness with jeers. You
don’t get the exploit until the next CANVAS release, which will obviously make it a lot easier.
Get it, Dave!
Add Comment Categories: Security