>> Looking for experienced hackers to join tiger team; Team will be paid by the >> job. The job will be attempting to defeat the security measures of various >> clients (with their permission and encouragement). Pay will be based on >> successful break-ins--no break in, no pay (i.e., only people who know their >> business need apply). >> >> Please send prospectus and salary requirements (assume that you are paid by >> successful attack) to andy@maine.edu with the subject line "TIGER TEAM >> CANDIDATE." Indicate systems with which you are experienced and any references >> (preferably commercial organizations) who can vouch for your hacking >> legerdemain. > >I dont know of too many admins that are going to vouch that some hacker >really did a good job of hacking them. If they knew them, they would probably prosecute, given the chance. Course, the saavy admin would say he couldn't break into a paper bag. What a great reference that would be... ;-) > >I think you also get paid well if you list all the sites you have hacked, >with accounts and passwords and e-mail them to cert@cert.org and >sundevil2@fbi.gov. Sniffing logs will be a plus. > >All kidding aside, how much will a company pay to be broken into? Has >anyone here hired a tiger team and did they find the investment worth it? According to Open Vision, they have a "Tiger Team" that costs the customer $10k to do have OV do a survey and "penetration". This was the case when I talked to them in June. > > >-- >Christopher William Klaus <cklaus@shadow.net> <iss@shadow.net> >Internet Security Systems, Inc. Computer Security Consulting >2209 Summit Place Drive, Penetration Analysis of Networks >Atlanta,GA 30350-2430. (404)518-0099. Fax: (404)518-0030 Ben Taylor Smoke N' Mirrors, Inc. bent@snm.com