Sunday, 5 September 2010
The Challenge: Risk Happens
A network security breach requires three items: motive, skill and opportunity. In the past, only high-profile companies were attacked. However, today’s automated tools generate indiscriminate attacks on companies both large and small.

It used to be that hacking was the black art of the sophisticated. Now, many Internet Web sites freely distribute push-button tools that allow common users to become “script kiddies” and Internet vandals. Of the three requirements for a security breach, the only one that companies can actively address is opportunity.

Many organizations have never sized up the opportunities in their network—assuming that their firewall and anti-virus solutions offer sufficient defense. However, every publicly reported victim of a security breach had similar defenses in place. Regulatory compliance and simple best practices require that the opportunities be assessed.

Solution: Vulnerability Audits
Network Architects conducts vulnerability audits to ascertain the opportunities for a network security breach. We utilize a multi-phased approach to perform reconnaissance, scanning, enumerating, probing, and reporting on the external, internal and wireless network vulnerabilities.



Phases of External Vulnerability Audits


Reconnaissance:

  • Company, subsidiary and partner Web sites
  • Public information on company: Edgar, news
  • Public information on individuals: name, role, level of authority, password hints - sourced from resumes, news, newsgroups, biographies
  • Security and privacy policies that may suggest the nature of the security posture or backup procedures
  • Outsourced third-party services: Web, mail, archival

Scan:

  • Domain name: registrar data, zone transfers
  • Network IP address blocks
  • Host IP addresses accessible from public Internet
  • IP services on accessible hosts: TCP, UDP, IKE
  • Remote access services: VPN, dial-up modem

Enumerate:

  • Network devices: router, firewall, switch, IDS
  • Remote access: IPSec VPN, SSL VPN, PPTP/L2TP VPN, dial-up network, access phone numbers
  • System enumeration: user/group names, banners, NetBIOS tables, routing tables, SNMP
  • Host system software: OS, CIFS/SMB, NFS, NIS, Web/FTP/mail servers, remote control
  • Host application software: Web applications

Probe:

  • Domain name server vulnerabilities
  • Network device vulnerabilities
  • Remote access vulnerabilities
  • Host system software vulnerabilities
  • Host application software vulnerabilities (optional)
  • Network management vulnerabilities
  • Default accounts and password strength
  • Denial of service vulnerabilities (optional): floods, directed broadcasts, fragmentation

Report:

  • Summary of prioritized risks, with individual detail
  • Recommended changes / solutions to address risks