Our External Penetration Test

For those who are not already aware and would like to know more about our external penetration tests and the basic methodology we use, this page describes the service in more detail. Please be aware that we are able to customize tests to fit your specific needs, which are analyzed and agreed upon before an external penetration test begins.

Our External Penetration Testing Methodology:

Public Disclosure

The Public Disclosure module of the test covers non-intrusive information gathering and is typically very difficult to detect. It is the sum of the knowledge that is given away to the public freely. While this knowledge is intended to be public, it sometimes gives away unintended derived information that makes it easier for an attacker to bypass security measures once the intrusive attacks begin.

File Find

The file find is the gathering of files of many common types from the target domains, or of any relevant files elsewhere on the Internet, that compromise the integrity of your security. These files can often be used to discover information about your network that can later be used to assist in an attack.

Competitive Review

The competitive review is the analysis of your company's well-known aspects. This typically includes information about your business that is highly advertised. Attackers often use this information as the starting point for all attacks.

Employee Information

Employee information that can be found on the Internet exposes your company to social engineering attacks. An employee's information can make it seem as though the attacker intimately knows the target. This is the basis for misrepresentation and creates fraudulent trust between your employee and the outside world.

Records

Many documents that identify your company as an Internet presence disclose private information that an attacker can later use. Gathering this information, although it specifically targets your network, is not usually monitored. This makes it the most dangerous information that can be harvested without your knowledge.

Intrusive Disclosure

The intrusive disclosure marks the separation between information that can be found on the Internet without your permission and information that can be found only by contacting your network. This is the most important section of any penetration test. Contact with your network should be monitored so that you can later discover who was attacking you. Any information disclosed from this section onward is a serious vulnerability if the team that manages your network does not detect its collection.

Ports, Services, and Fingerprinting

Open ports are a gateway for intrusion into your system. Often you need them in order for your business model to operate properly. In many cases, though, open ports are either extraneous, not configured properly, or vulnerable to exploits which attackers use to gain unauthorized entry into your network.

We begin by intrusively scanning your network for well-known services. We then scan for lesser-known services. Finally, we scan every single port on all your hosts for any service or response.

These services present identifying features of the software running on your network. The specific way in which each piece of software handles the same input allows us to identify, or fingerprint, the exact software make and version. This in turn allows us to determine what vulnerabilities exist in your network by using public information about known vulnerabilities.
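The three-sweep scan described above is exactly what the monitoring recommended under Intrusive Disclosure should catch. The following is an added detection example, not the vendor's own tooling: it parses constructed firewall log lines in an assumed netfilter-like format and flags sources that touch many distinct destination ports within a short window, which is the signature of a sweep rather than of normal client traffic.

```python
from collections import defaultdict
from datetime import datetime, timedelta
import re

# Constructed sample lines in a simplified netfilter-style format (assumption).
SAMPLE_LOG = """\
2024-05-01T10:00:01 SRC=203.0.113.5 DST=198.51.100.10 DPT=22 ACTION=DROP
2024-05-01T10:00:01 SRC=203.0.113.5 DST=198.51.100.10 DPT=80 ACTION=ACCEPT
2024-05-01T10:00:02 SRC=203.0.113.5 DST=198.51.100.10 DPT=443 ACTION=ACCEPT
2024-05-01T10:00:02 SRC=203.0.113.5 DST=198.51.100.10 DPT=3389 ACTION=DROP
2024-05-01T10:00:03 SRC=203.0.113.5 DST=198.51.100.10 DPT=8080 ACTION=DROP
2024-05-01T10:00:03 SRC=203.0.113.5 DST=198.51.100.10 DPT=49152 ACTION=DROP
2024-05-01T10:00:04 SRC=198.51.100.77 DST=198.51.100.10 DPT=443 ACTION=ACCEPT
2024-05-01T10:05:00 SRC=198.51.100.77 DST=198.51.100.10 DPT=443 ACTION=ACCEPT
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) DPT=(?P<dpt>\d+) ACTION=(?P<act>\S+)$"
)

def parse(log):
    """Yield (timestamp, source address, destination port) for each well-formed line."""
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield datetime.fromisoformat(m["ts"]), m["src"], int(m["dpt"])

def find_scanners(log, distinct_ports=5, window=timedelta(seconds=60)):
    """Return {src: sorted ports} for sources that hit >= distinct_ports different
    destination ports within `window`. Port fan-out, not volume, is the signal;
    dropped probes count as much as accepted connections."""
    events = defaultdict(list)
    for ts, src, dpt in parse(log):
        events[src].append((ts, dpt))
    scanners = {}
    for src, evs in events.items():
        evs.sort()
        start = 0  # left edge of a sliding time window over this source's events
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1
            ports = {p for _, p in evs[start:end + 1]}
            if len(ports) >= distinct_ports:
                scanners[src] = sorted({p for _, p in evs})  # report the full fan-out
                break
    return scanners

if __name__ == "__main__":
    for src, ports in find_scanners(SAMPLE_LOG).items():
        print(f"{src} probed {len(ports)} ports: {ports}")
```

The threshold and window are tuning knobs: the all-ports sweep in the text trips them trivially, while the legitimate client that repeats one port does not.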

Research

After identifying possible vulnerabilities in your network, we need to perform the matching attacks to determine whether these vulnerabilities actually expose your network to danger. The resulting list of confirmed vulnerabilities provides you with actionable items to assist in the hardening of your network.

Attack

In the attack phase, an attacker uses the cumulative knowledge he has gained to gain entry to your network and perform operations that you would not knowingly permit. The attack often comes in two waves: the exploit and the social engineering.

Exploit

The exploit is the use of the cumulative vulnerability information collected about your network. The matching attacks are applied systematically to gain internal access to the network. Once inside the network, the attacker uses common internal exploit methods to gain the ultimate trophy: domain administration rights.

Internal Exploit

The internal exploit is the use of trust within your network to gain control over all computers. The best way to prevent this from happening is to harden your internal network. This additional, extremely important information is provided to you in the <link to document>

Social Engineering

The social engineering attack is the use of all the information gathered in the Public Information section of the test to create false trust between an attacker and your employees. This fraudulent trust could entice your employees to hand over user names and passwords for your network.

Recommendations

When determining what recommendations to make to improve your overall security, we need to consider how these changes will affect your business needs and the overall solution that your network is designed to provide. Security configuration should be kept very simple so that you avoid mistakes that compromise your network. A network should usually be configured to deny everyone by default and then allow only those people who need access.

Reporting

The documents provided in the reporting section give us a better understanding of your network as a whole. From this perspective you can see what an attacker sees when approaching your network with an attack in mind. Compiled together, this information helps us solve complex security issues with you.