That is setup in the engagement letter, and scope of work. Read up about the following, and I would put that in your engagement letter, that the organization, business relinquishes all legal rights, to prosecute you under this title, and gives you authorization to conduct full=penetration testing on agreed upon assets. Make sure there legal, CIO/CTO/CEO signs it.
CFAA is also known as Title 18 U.S.C Section 1030.8 Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + [email protected] Phone:401-639-3505 ________________________________ From: Erik Goldoff [mailto:[email protected]] Sent: Thursday, May 21, 2009 10:03 AM To: NT System Admin Issues Subject: RE: Anyone have ... ? nice, useful report format, but I'm looking for a format for waiver of liability/permission to conduct , to remove any possibility of my actions being considered illegal hacking. Erik Goldoff IT Consultant Systems, Networks, & Security ________________________________ From: Ziots, Edward [mailto:[email protected]] Sent: Thursday, May 21, 2009 9:48 AM To: NT System Admin Issues Subject: RE: Anyone have ... ? http://www.vulnerabilityassessment.co.uk/report%20template.html Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + [email protected] Phone:401-639-3505 ________________________________ From: Erik Goldoff [mailto:[email protected]] Sent: Thursday, May 21, 2009 8:25 AM To: NT System Admin Issues Subject: Anyone have ... ? a good boilerplate/template for penetration testing permission ??? Erik Goldoff IT Consultant Systems, Networks, & Security ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
