We set up a new server machine based on a windows operating system. Your job is to run a several type of hacking methods towards that server to show us the existing security problems. (penetration testing)
Before you read the description below please not THE IMPORTANT REQIRENMENTS FOR THIS JOB:
- you MUST have at least a REPUTATION of 4.9
- you MUST have at least 5 years EXPERIENCE in COMPUTER SECURITY and PENETRATION TESTING
- you MUST have at least 7 years EXPERIENCE in WINDOWS SERVER
- you MUST provide at least 3 former clients that will CONFIRM your JOB SPECIALIZATION
- you MUST READ and UNDERSTAND the FULL WORK DESCRIPTION
In order to make the penetration test done on our organization a success, a great deal of
preparation needs to be done. Ideally we do a kickoff meeting before you start with the actual test tasks. The kickoff meeting must discuss matter
concerning the scope and objective of the penetration test as well as the parties
involved. After our meeting there must be a clear objective for the penetration test to be conducted.
Our objective of the penetration test is to
demonstrate that exploitable vulnerabilities exist within in our organization’s network
infrastructure. The scoping of the penetration test is done by identifying the machines,
systems and network, operational requirements and the staff involved. If you find any vulnerabilities in the system, YOU ARE NOT ALLOWED TO DO ANY CHANGES ON THE SYSTEM. You have to create a protocol wich lists up every security risk, so we can take care of it.
There are two time periods for the tests, both time periods must be used:
1. Period starts on Sun. 25th may 2014 and ends same day at 00:00 MET
2. Period starts on Fri. 30th may 2014 and ends Sun. 01st. Jun. at 00:00 MET
The stuff will be not eared from our side, so its allowed to check for security risks there, too. Language for correspondence is german.
You MUST SING A CONFIDENTIAL CONTRACT that clears that any information or data obtained during the penetration tests will be treated as
confidential and will be returned or destroyed accordingly after the tests. Prior to any
penetration test engagements legal documents protecting the penetration testers and
their company must be signed.
Information Gathering and Analysis
After doing the necessary planning and preparation with our organization
the next step is to gather as much information as possible about the targeted system and try to find security backdoors.
You get only payed, if you find at least one security hole in our system. You get a bonus payment for every single security hole after the first one.