[AusNOG] Aust Info Sec?

Damian Guppy the.damo at gmail.com
Thu Nov 21 16:23:33 EST 2013


Sure they will tell you the next steps. They will tell you you should pay
up for them to help you to fix the problems.

I like how they say they won't charge if they find no problems. I would
love to get them to do an audit of a blackholed IP to see if they actually
find any vulnerabilities :)

--Damian


On Thu, Nov 21, 2013 at 1:18 PM, Colin Stubbs <
colin.stubbs at equatetechnologies.com.au> wrote:

>
> I'm not entirely sure what they'll do beyond failing Introductory English
> and Marketing 101,
>
> "advise you and or your I.T department of next steps" != "Price does not
> include recommendation or remedy of problems"
>
> And only 600? Are they using a 10 year old version of Nessus? Even OpenVAS
> now reportedly checks for 30,000+ problems.
>
> A bigger number on that page would definitely convince me to give them
> money.
>
>
> On 21 November 2013 14:47, Pinkerton, Eric (AU Sydney) <
> Eric.Pinkerton at baesystemsdetica.com> wrote:
>
>> *“**We have the expertise and suite of crackers' tools to
>> comprehensively check your computer internet security. This is done
>> remotely for over 600 most obvious holes and we advise you and or your I.T.
>> department of next steps.”*
>>
>>
>>
>> *“**Price does NOT include recommendation or remedy of problems, as this
>> would require separate consultation and quotation if needed. I understand
>> that there is no charge if the audit finds my LAN/WAN not to be
>> vulnerable.”*
>>
>>
>>
>> $495 for an automated VA of ‘most obvious holes’ without any remediation
>> advice seems a bit steep to me.
>>
>>
>>
>> If you absolutely must do security on the cheap, there are a slew of
>> cheaper options ie http://www.qualys.com/forms/freescan/
>>
>>
>>
>> *From:* AusNOG [mailto:ausnog-bounces at lists.ausnog.net] *On Behalf Of *Peter
>> Tonoli
>> *Sent:* Thursday, 21 November 2013 1:48 PM
>> *To:* Andrew Yager
>> *Cc:* ausnog at lists.ausnog.net
>> *Subject:* Re: [AusNOG] Aust Info Sec?
>>
>>
>>
>> *From: *"Andrew Yager" <andrew at rwts.com.au>
>> *To: *ausnog at lists.ausnog.net
>> *Sent: *Thursday, 21 November, 2013 1:39:33 PM
>> *Subject: *[AusNOG] Aust Info Sec?
>>
>> Hi,
>>
>>
>>
>> I have a client who has just sent me an email that essentially contained:
>>
>>
>>
>> We have been getting cold calls from
>> http://www.austinfosec.com/internet-security-audit to do a no obligation
>> network security review...it sounds rather sus to me so I wanted your
>> advice.
>>
>>
>>
>> Any thoughts on the legitimacy or otherwise of these guys?
>>
>> They answer the phone as "Exa web solutions" <http://www.exa.com.au/>.
>> Curious..
>>
>>
>>
>>
>> --
>>
>> Peter Tonoli < peter at medstv.unimelb.edu.au > +61-3-9288-2399
>> IT Manager
>> The University of Melbourne - Eastern Hill Academic Centre, St. Vincent's
>> Institute and O'Brien Institute
>>
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
>>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20131121/71167578/attachment.html>


More information about the AusNOG mailing list