Open Source and information security mailing list archives
 
Date: Thu Jan 19 18:45:40 2006
From: greybrimstone at aim.com (greybrimstone@....com)
Subject: Vulnerability/Penetration Testing Tools 

Alright,
  I've made an observation. Full Disclosure is a list where emails and 
subjects evolve into new emails and subjects which are not directly 
related to the first subject or email. For example, this one has 
evolved into a discussion about overhead, development and other such 
things. Really, it's quite interesting. ;[

 -Adriel

 -----Original Message-----
 From: Valdis.Kletnieks@...edu
 To: Madison, Marc <mmadison@...i.com>
 Cc: full-disclosure@...ts.grok.org.uk
 Sent: Wed, 18 Jan 2006 12:14:24 -0500
 Subject: Re: [Full-disclosure] Vulnerability/Penetration Testing Tools

 On Wed, 18 Jan 2006 08:13:05 CST, "Madison, Marc" said:
 > H D, my apologies. My FD emails were out of order, and I took your
 > response out of context. If you're looking for a script that will combine
 > MetaSploit, and Nessus then BidiBLAH will work. Still for $10 grand I
 > would suggest taking a scripting class at your local college so you can
 > make your own BidiBlah.
 >
 > Math:
 > BidiBLAH: $10,000
 > College scripting class: $350
 >
 > The knowledge you'll gain for ever, priceless.

 Something to keep in mind however - many people make that comparison, and
 don't calculate the *TOTAL* cost.

 If your developer is getting paid $60K/year, the *encumbered* cost (benefits,
 office, etc) is close to twice that. And if he's writing an in-house BidiBLAh,
 that's time he's *not* writing stuff you *can't* buy off-the-shelf.
 As a result, it breaks out as:

 BidiBLAH: $10,000

 scripting class: $350
 6 man-weeks time: $15,000

 OK? Got that? Suddenly doesn't look like such a good deal, does it? Maybe
 you *should* just buy BidiBLAH, and have that guy coding that custom interface
 between two in-house systems instead....

 (And don't say "I only pay my developer $30K, so he can take 2 man-months to
 do it" - the kind of developer you can keep for $30K is probably going to take
 a lot more than twice as long as the $60K developer.....)
