|
EH-Net
|
|
May 20, 2013, 01:54:12 AM
|
Show Posts
|
|
46
|
Features / Opinions / Re: Security research and Black hats where does the border line
|
on: August 17, 2012, 03:29:37 AM
|
I found Abraham's talk quite enlightening; for me it was one of the more beneficial talks from BSides London this year. I'd also suggest taking a look at OWTF, the tool introduced and discussed during the talk. For those not able to party with us, the BSidesLondon YouTube channel is where you need to be spending your Friday. Abraham's talk here.
|
|
|
|
|
47
|
Resources / Tools / Re: Script for Grabbing video
|
on: August 16, 2012, 08:09:59 AM
|
If you want to keep legal, I'd suggest downloading each manually; 200 page loads and clicks beats legal issues.
YouTube terms of service 5B:
Content is provided to you AS IS. You may access Content for your information and personal use solely as intended through the provided functionality of the Service and as permitted under these Terms of Service. You shall not download any Content unless you see a “download” or similar link displayed by YouTube on the Service for that Content. You shall not copy, reproduce, distribute, transmit, broadcast, display, sell, license, or otherwise exploit any Content for any other purposes without the prior written consent of YouTube or the respective licensors of the Content. YouTube and its licensors reserve all rights not expressly granted in and to the Service and the Content.
n.b. emphasis mine
|
|
|
|
|
48
|
Ethical Hacking Discussions and Related Certifications / Malware / Re: msfpayload
|
on: August 16, 2012, 08:04:00 AM
|
|
Giving the benefit of the doubt, if you've got a machine on the net that you can target with MSF as a test, others can too.
Strongly suggest killing the connection and leaving the vulnerable systems on internal labs only; if you need remote access, OpenVPN etc. will be your friend....
|
|
|
|
|
49
|
Features / Opinions / Re: Security research and Black hats where does the border line
|
on: August 16, 2012, 08:01:44 AM
|
|
Following on from your SQLi example, I'd suggest it depends on the circumstances.
If you pick a random website you've got no authorisation to test and start throwing Burp/Nikto/etc. at it, not legal.
If you're legitimately using a site as a user, and your knowledge spots something that's a weakness, there should be no issue reporting this to the sec-ops guys. The difference is being professional enough not to 'just see'; for example, if an error message pops up potentially indicating SQLi, don't then grab sqlmap.....
(I've reported issues a few times on different sites (sorry, NDAs....), and despite the urban horror stories my insight and suggestions have been both greatly received and rewarded by the affected site).
|
|
|
|
|
50
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: pen test documentation
|
on: August 16, 2012, 07:54:03 AM
|
You also get a lot of clients who want to pass things and drive you mad by trying to get you to reduce the impact of issues or remove them altogether.
If done correctly I don't really have a problem with clients asking for modification of results; they know the environment better than you (supposedly), providing they can provide sufficient reasoning to justify the request (for example a mitigation that was outside the scope of the assessment). In which case, the report will specify the original issue/impact rating, the modifications made and why, and the name of the person requesting the change. Legitimate debates and differences in opinion will end up being reported; any unjustified massaging/hiding of evidence will quickly get forgotten once the requester's name is going to be specified in the report. From experience it can also be wise to hash and document any reports provided to clients; I've once been asked from senior management to justify a finding/recommendation that had been edited by an IT team to support their business-political viewpoint.
|
|
|
|
|
51
|
Ethical Hacking Discussions and Related Certifications / Other / Re: Your Other Reading List!
|
on: August 15, 2012, 10:46:05 AM
|
On that note, how many people use Kindle for technical books? How do you find them?
I love my Kindle, for all the reasons above; but I'd never use it for technical books. In my experience the smaller screen just doesn't work regardless of how well publishers adapt the material for Kindle format. For technical formats I'll either stick with dead tree versions, or PDF version on tablet.
|
|
|
|
|
52
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: pen test documentation
|
on: August 15, 2012, 10:34:36 AM
|
What is perceived benefit of this to the client? Isn't the report supposed to highlight what is wrong with the client's security and how they can fix/mitigate it, not point out what they are doing right with their security?
It depends on the client's motives: most common is to find holes and weaknesses (or management to bash a techie....). But it's not uncommon for a business (or IT team) to look for validation that their defenses are working as expected. In a well defended network a report that states the pentesters couldn't get in is meaningless in business terms; a report that states they couldn't get in, but they tried attacks X, Y & Z which the environment withstood has value, from both the 'look at the benefit we're providing from the resources utilised for defense' and a 'we protect your data against X'. It also helps prove the negative of no flaws; did the testers fail because the environment is secure? Or because the testing team is incompetent? Reports showing holes with mitigations are/can be the most satisfying and impacting to the business, but from the other side being able to show that you defended against the most common threats is also of value from a business politics aspect. There's always more to a pentest report than missing patches and 0day.
|
|
|
|
|
55
|
Features / Opinions / Re: Why do website fail with login details
|
on: August 14, 2012, 07:08:54 AM
|
|
I think the biggest problem is user acceptance.
You and I may understand the need for two-factor authentication, but Joe Bloggs just wants to access his free email account to share pictures of cute cats. And whilst the cost of 2FA may be relatively cheap (and getting cheaper), if it's still an additional cost to access a 'free' service, most users will complain and look for alternatives.
In the UK, most banks now utilise personal chip and pin readers to provide access based on account cards. But despite banks providing these free to account holders I still know people that complain about the extra 'inconvenience', unable to understand why a simple user/password isn't enough.
Thankfully things may be changing, and I think as more services move to a system where users can choose to implement improved security to access their accounts (whilst I've not used it, Google's mobile phone authentication is a good example) acceptance of more stringent authentication requirements should improve in general users over time; whilst allowing the truly (and rightfully?) paranoid increased security precautions sooner.
|
|
|
|
|
57
|
EH-Net / Calendar Of Events / Re: Small UK pen testing event
|
on: August 10, 2012, 05:14:39 AM
|
So, no actual information regarding this event at present??? Although I'm not sure I'm still a 'young professional' by the BCS' definition (believe the cut off is 25?), and I'm no longer a member of the BCS (see here for reasons). I'd suggest moving away from Facebook as a primary communication method. I know plenty of infosec types that avoid FB completely on principle, or (like myself) maintain a clear separation between FB (for friends/family) and my professional life. Good luck volunteering and trying to get an event off the ground, hope you have more luck than my previous experience with the BCS.
|
|
|
|
|
60
|
Ethical Hacking Discussions and Related Certifications / Incident Response / Re: blog hacked. so , what to do?
|
on: August 09, 2012, 08:31:28 AM
|
|
I'd suggest contacting your hosting provider for further assistance(*). They should be in the best position to assist you with recovering the site quickly and efficiently.
Once this is done, you'll need (unless you want a re-occurrence) to find the hole and fix it. Updating as suggested 'may' be sufficient; but again, your hosting provider(*) should be able to assist in identification of the successful attack vector.
And judging from the defacement page message, I'd possibly also suggest not annoying the less trustworthy denizens of the 'net.
N.B. (*), depending on service contract, additional assistance in this matter may be chargeable etc.
|
|
|
|
|
|