Jump to content

  • Recently Browsing

    • No registered users viewing this page.

Ethical Hacking

curian

By curian
in Technology and Computer problems

Recommended Posts

average_jo Newbie

average_jo

Posted
Posted

say you are not a network security analyst but a systems admin. and the CEO wants you to check out the emails of an employee. would you do it?

 

Hi Sir,

 

I think when it comes to this request, you are covered by whatever IT policy that the company employs. If it doesnt suit any of those policy, you have the right to explain to your superior that this request may violate privacy issues in the company.

 

Cheers

;)

Link to comment
  • 2 weeks later...
  • Replies 100
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

JayZip
JayZip

when you said pwede eh did you mean na it is still "ethical hacking?"   and when you said non IT position does that include the CEO or someone in the executive level?

simplyeric
simplyeric

Kali 2 is out! Ready the usb bootables

k4t5u
k4t5u

Magkano yung hinihingi ng ransomware? Sa totoo kung viable na reformat mo na lang rig mo, reformat mo na lang. (though easily said than done to lalo na kung hindi ka religious mag backup)

simplyeric Newbie

simplyeric

Posted
Posted

Hi Sir,

 

I think when it comes to this request, you are covered by whatever IT policy that the company employs. If it doesnt suit any of those policy, you have the right to explain to your superior that this request may violate privacy issues in the company.

 

Cheers

;)

 

 

true, ask for your privacy policy. kasi there are some na merong right to read everything in the computer. example siguro ay sa CIA or sa Pentagon sa US. but i think even they have no right to access all personal email,pwera lang kung pinagsususpetya.

 

when in doubt, ask someone from your company that knows more.

Link to comment
  • 2 weeks later...
evilson Newbie

evilson

Posted
Posted

would you hack into somebody else's computer if your boss tells you?

 

well dati i was asssign with this job and also naireason ko rin regarding privacy but there was one supervisor (one of the boss relative) who said to me na "At bakit me ganung rason, e computer ng company yan, binili namin yan sa kanila para gamitin sa trabaho, hindi sa pangsarili nilang interes"

 

but looking back and thinking about this, it looks to me na tama sya

Link to comment
JayZip Newbie

JayZip

Posted
Posted (edited)

i think the point im driving at here is not if we use company computers for personal use or if the company has rules and regulations about it but if your superior orders you to do it period.

 

in my case my boss wanted me to hack into someones email because they wanted to prove that that employee was leaking stuff to competitors.

my boss admitted that we were breaking "rules" but it was "necessary" to get the info we need.

But since we broke the rules although necessary eh is it still "ethical" hacking?

Edited by JayZip
Link to comment
simplyeric Newbie

simplyeric

Posted
Posted

a, kung yun yung purpose, as i have said company related, then pwede.

 

yun lang, kung non IT ang position sa company, at sa iyo ipinagawa,even though you know you can do it, medyo kaduda duda.better refer to the people who have the legal rights to do it...

 

basta hinay hinay at mahirap maging escape goat.

Link to comment
dude07 Newbie

dude07

Posted
Posted

say you are not a network security analyst but a systems admin. and the CEO wants you to check out the emails of an employee. would you do it?

unless that employee or the employees on that company has an email ad which are being given to them for official use then yes .. but if it is/was a personal email address of the employee say yahoo address or alike.. then thats a different storyy..

 

 

 

Link to comment
JayZip Newbie

JayZip

Posted
Posted

unless that employee or the employees on that company has an email ad which are being given to them for official use then yes .. but if it is/was a personal email address of the employee say yahoo address or alike.. then thats a different storyy..

 

 

 

 

 

and if he was using that personal email to send out "company info" to say competitors what would you do?

Link to comment
JayZip Newbie

JayZip

Posted
Posted

a, kung yun yung purpose, as i have said company related, then pwede.

 

yun lang, kung non IT ang position sa company, at sa iyo ipinagawa,even though you know you can do it, medyo kaduda duda.better refer to the people who have the legal rights to do it...

 

basta hinay hinay at mahirap maging escape goat.

 

when you said pwede eh did you mean na it is still "ethical hacking?"

 

and when you said non IT position does that include the CEO or someone in the executive level?

  • Like (+1) 1
Link to comment
simplyeric Newbie

simplyeric

Posted
Posted

when you said pwede eh did you mean na it is still "ethical hacking?"

 

and when you said non IT position does that include the CEO or someone in the executive level?

 

 

i had to read all the post again kasi parang nauulit yung mga sinasabi ko.

1.the CEO wants you to break into a computer suspected of leaking out info to other companies.

2.based on your job description, you have no legal privilege to do it, and normally you are not authorized to do it in any case

3. the only reason they asked you is because you can

 

my answer:

1. have the order in written form and signed so you have proof na hindi ikaw ang nagkusang gumawa noon

2. if you have the proof, then do what they want you to do under their supervision. nandun sila habang ginagawa mo yun

3. after you get the info you need and the job is done, include it in your job description and ask for a raise (hahaha)

 

ethical hacking pa rin in my opinion kasi you did it for a greater good.

Link to comment
average_jo Newbie

average_jo

Posted
Posted

Hello Guys,

 

To put it in simple context, it is hacking but with permission. Permission from whom? Can be IT Manager, Can be Owner of the company, Company Director, CEO, COO, CTO or CIO or whoever has the right or authority to order the execution of such activity. Sa course ng Ethical Hacking, ang unang binibigay is waiver or some form of document para hindi sa iyo mapunta ang sisi. If the CEO, wants you to do it, without paper then it might fall between the thin line that separates it. Again, if it is for some personal gain it falls under hacking, if it is to ensure that after the testing we can secure the information or the network then it goes to hacking. It can go around depende kung paano mo titignan. But, again dont let yourself to be the escape goat in the end. It is much better that you have agreement and everything in black and white.

 

;)

Link to comment
JayZip Newbie

JayZip

Posted
Posted

^

 

Thank you so much for the clarification guys.

I apologize if I was being stubborn and skeptical. Skepticism kinda brings out critical thinking in me and I am trying to draft a security document for the place I work in.

 

Anyways, from what I read eh, waiver it is. LOL. Sounds really ironic and funny that the only thing that can save you is a piece of paper.

Link to comment
simplyeric Newbie

simplyeric

Posted
Posted

^

 

Thank you so much for the clarification guys.

I apologize if I was being stubborn and skeptical. Skepticism kinda brings out critical thinking in me and I am trying to draft a security document for the place I work in.

 

Anyways, from what I read eh, waiver it is. LOL. Sounds really ironic and funny that the only thing that can save you is a piece of paper.

 

 

yup,sa mga ganyan, papel at ballpen ang seguridad. that discipline separates the black hat and the white hats...

Link to comment
average_jo Newbie

average_jo

Posted
Posted

^

 

Thank you so much for the clarification guys.

I apologize if I was being stubborn and skeptical. Skepticism kinda brings out critical thinking in me and I am trying to draft a security document for the place I work in.

 

Anyways, from what I read eh, waiver it is. LOL. Sounds really ironic and funny that the only thing that can save you is a piece of paper.

 

Walang problema Sir. At least we are also enlightened. There are a lot of security documents in the web na pwede mo gamitin. You can check out sans.org or ethicalhacker.net at madaming white papers, security policies etc that you might find useful.

 

;)

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...