[NTLUG:Discuss] crackers

[Greg E]

The 4 reasons I suggested a fee:

  1.  if you advertise this service on the NTLUG web site the number of
      people wanting the service could be huge and if they need to cough
      over a couple of bucks, maybe $10 or something on that order, it'll
      weed out the not so serious, doing a onesy twosy isn't a load but
      if 200 people ask in the span of 2 or 3 days:)

  2.  everyone's time and knowledge is worth something even MadHat's, 
      although some may argue about that:)

  3.  FUND RAISER, call it a donation not a fee if you want

  4.  putting NTLUG behind it insures that not just anybody is being asked
      to attack your system, the requester is guaranteed that no hard will
      be done if the system is compromised

All you'd need to make a request is provide you domain, ie nutlug.org, and
an email address to return the results to.  NTLUG sends an email to a member
of the test team on a round robin with the domain name.  The tester sends
a report back to NTLUG and NTLUG forwards the report to the requester along
with a bill and mailing address.  A few days later NTLUG gets a check in the
mail.  Everything on the NTLUG side can be automated except the bank deposits
and writing the checks to the testers.


Greg E


MadHat wrote:
> 
> You shouldn't have to pay.
> 
> I would be willing to check machines for holes.  I mean the main part is
> going to be port scanning and checking versions (all can be done
> remotely, without direct access to your box).  Just remember that the
> same people you ask for help _can_ be the same people you want to keep
> out.  Not that anyone on this list would hack into your box, but all you
> really know is an email address in most cases, so be careful.  Paranoia
> is not always a bad thing.
> 
> --
> MadHat