Have you considered offering PCI Compliance rather than pen testing? While there are guidelines its a lot easier of an industry to break into without prior experience. A good pentesting service can test a really wide variety of things - a company that I used to work for would not only do the standard scans/attacks with ~40 different commercial and free tools, but also social engineering tests, mailing people usb sticks with autorun exploits, and stuff like that. I didn't get the specifics, just kind of the vague outline. While it's def not impossible to get into that, its something you should def do professionally before offering it as a service. Either way, PCI Compliance testing is like a watered down pentest, in which you're not actually supposed to break into anything. It also has a really wide variety of much smaller customers that are required to have it performed for various payment industry related reasons. A PCI scan can be anything from a half-arsed SAINT scan with minor notations, to a fairly comprehensive set of manually verified tests for things like SQL injections and XSS vectors.
I'm pretty sure that no student taking that test would perceive that question as being an example of how to write a program. The AP Computer Science exam takes a perverse delight in double checking that every student can read deliberately confusing code. The posted question is just a mild example. I feel that criticisms of questions of that type should be leveled at exactly what's being tested - reading rather than creating code. I know I personally minded that a large number of such questions on the test when I took the exam were fairly spacial in nature - like predicting the bitmap output of a function.
Have you considered that you may risk depriving people of the line for ice? I don't think it's a bad thing!
A place I worked for did exactly that. There are a few details that you should attend to - give out ip addresses based on the ssl certificate used by the openvpn client (and make sure you don't deploy the same ssl cert to two servers!), and have a method of restarting openvpn every time it crashes/disconnects (and exits). You'd be surprised how flaky enterprise internet connections can be. From there my work kept a database of all the openvpn servers and used it to generate a nagios config. Honestly, I've never loved nagios since it frequently doesn't QUITE do what I want, but it's good enough. If your clients are all internet accessable, I've been using a slightly expensive commercial service call Monitis which I really like. Contrary to what a number of people here have said, I don't think you need a network admin at all, if you can get the vpn stuff working with a simple acl (to keep clients' interns from bothering each other) then you should be set.
My dad did that, but for fairly different reasons. His friends convinced him that their area of Yugoslavia was pretty unimpacted by fighting, so we visited. It was honestly one of the more interesting vacations I've taken; the entire country was completely economically devistated. Fortunately I don't think any of the involved governments (we're American) ever found out about that somewhat irresponsible vacation.
I know certain commercial products, for example Fortanet firewalls, have this functionality built into them.
Mac Mail, iMail, something like that...
Their service is pretty inconsistant. I think most of their customers get frustrated when they're initially filling the server - they don't do a lot of administrative oversight into what goes onto their servers, and it really shows in the first 3-4 months you are a customer of theirs. The reason they come up however, is they offer all of the stated services except VOIP. And I wouldn't use their VPN, though they offer VPN services. You can always use SSH Tunnels. I think there's a real logistics problem in offering that wide a variety of services, which is why most hosting companies won't do so. The original poster may have 5 providers, but each of those providers only has to stock admins to deal with 2-3 of the requested services.
This isn't the first infinate recursion iMail bug. Around five years ago I worked for a webhost at which we had customers complaining about there being nothing in their INBOX. When we checked, we'd find a giant tree of INBOX folders - for some reason iMail would create a new subirectory called INBOX every time it logged in, and then make the *new* INBOX folder the default INBOX. All the mail would still be delivered to the original inbox...
I think the most important aspect of this article is that people who went to burning man are still talking about burning man.
It's a start, at least the passwords are safe... there's a tendency for security communities to scoff at nearly any half improvement
I'm fairly sure the author of the paper was laughing maniacally during most of it's writing.
Is the internet a bigger experement in anarchy than Mexico?
... but sometimes there are commercial solutions that fit a specific problem quite well - I'd use deep-freeze, a piece of windows software. I briefly attended a school that had it on their computer lab computers - effectively the computer is reset every time you restart it. It keeps a second partition sitting around with your save point or something like that. Guests are generally non-malicious so probably won't disable the software.
Dear Slashdot, Please bring back gnome2. Gnome3 isn't as good. Yrs, David Maas