NETWORK PENETRATION TESTING
Service Summary
We are proven experts in network penetration testing and network infrastructure security testing based on the PCI DSS requirements or addressing specific risk concerns of our clients. We cover a full port, protocol and service enumeration followed by a vulnerability assessment of the supporting servers. Our security team performs both internal (as a system user) and external (as an outsider) penetration testing procedures to provide an exhaustive range of attack scenarios.
Process Description
The initial preparation includes setting the network penetration test scope, the testing hours and the testing techniques to use. The scope is simply the number of critical systems that the management has decided to test for vulnerabilities and prepare for a malicious attack scenario. The testing times are usually during off-peak hours from 8PM - 6AM so that there are no noticeable processing disruptions. The techniques used during the network penetration testing procedures are also an important factor as many clients require specific types of tests to be performed.
After agreeing on the terms, the penetration test can begin. A general network infrastructure penetration test comprises an external perimeter penetration test, as an outsider to the business environment (black-box testing), as well as an internal network penetration test, as an insider, employee or system user (grey-box testing). The typical external network penetration test comprises the following steps:
- This is a process of gathering information on the target from publicly available resources.
- Once familiar with the target IPs, we can begin the network mapping by initiating various port and service scans for each of the targets.
- This is an automated process where a scanner is used to target the host(s) with a vast database of exploits for the systems and services discovered in the previous stage.
- From the results of the previous phase, the tester needs to verify whether the reported vulnerabilities are genuine. This is done by taking the actual scripts and running them against the target hosts.
- A management summary stating all critical issues, as well as a detailed technical report of all the vulnerabilities with a risk and impact rating and recommendations for their resolution.
The internal network penetration test procedures are executed from inside the network infrastructure, with user-level access to the systems and the applications in the test scope. In addition to the external testing activities described above, the internal network security tests also include:
- Network Traffic / Encryption Review - this process is done by capturing the network traffic with a tool like Wireshark and running various filters on the traffic dump file to obtain user IDs, passwords, encrypted passwords, web traffic, browsing history and other information depending on the requirements of the project.
- Security Configuration Review - the configuration review is a process where the tester verifies that all settings in the domain server / web server / firewall / application server / etc. are configured in line with the best practice requirements.
An "average" network penetration test takes about 2 weeks for the external testing and another 2 weeks for the internal network security review procedures. This is a general estimate based on limited daily testing hours and an enterprise IT environment with numerous network and application system components to be tested. The deliverable consists of a detailed report stating all the network layer vulnerabilities with their corresponding impact and recommendations for their resolution.
Contacts
NetSafety is an international cybersecurity consulting company with its head office based in Sofia, Bulgaria. Our firm's reputation is built on integrity, professional business conduct and a high quality of service in everything we do.
Simply call us to schedule a meeting and discuss your business needs.
NetSafety
Cybersecurity Consultants
E-mail: team@netsafety.eu
Contact: (+359) 88 9387598
Office location: Sofia, Bulgaria