Before that bro, perhaps in order to avoid any entanglement with the LEA we shud clarify few things.
a). The said systems location? In country? b). Who own the system? Own in sense of you have this system in your own premise, using your own subscribed line etc c). Will the exercise involve any internet connection? Or just within LAN? If everything is belong to you, I dun see any prob but if other parties involved (providers, ISPs, etc) then I believe in requesting consent or authorization in written. Lesson learned bro, I've seen people who learned from the hard way ;) thanks and cheers > so the red team arrange a series of attacks on the server, while the blue > team will detect the vulnerabilities... sounds great. my Joomla networking > comes from absolute zero security mod, while have about 3 vulnerable mod > such as mod_rewrite etc etc.. > > an "exercise" should be best, it surely benefits much. so.. who want to > nicely and prudently "hack" me? > _______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
