Penetration testing, or 'ethical hacking', concentrates on the security of the Information Technology Infrasturcture of the organization to find any loopholes in the system. Penetration tests cover the servers, applications, modems, routers and bridges. These tests include the following :
- Remote penetration from the Internet.
- Analysis of script from the UNIX systems and review of NT security and account settings.
- Tests on the client's telephone network.
- Penetrating the internal network as an insider with knowledge that a regular employee of the organization would have, had he been terminated, removed, etc.
Onsite Penetration Testing
Onsite Penetration tests will focus on vulnerabilities which exist on the internal system as seen by an insider. Tests would include penetration testing of entire IT related equipment at the client site. Activities done during these penetration tests include:
- Penetrating the internal network as an insider with knowledge that a regular employee of the client would have, had he been terminated, removed etc.
- Security and Audit settings will be reviewed and catalogued on NT systems.Use of other vulnerability testing software may be used.
- Penetration Team will connect to the client’s internal network and attempt to compromise the servers, workstations and other devices.
- Using compromised accounts or through a normal account provided by the client, we will attempt to gain administrative/root access to servers, network equipment and other machines in the network.
- We will identify the damage that can be done if administrative or root access is achieved on any of these machines.
- Duration for these tests would be between two to three weeks.
Remote Penetration Testing
Remote Penetration tests will focus on security and robustness of Information Technology Infrastructure of a client organisation. Penetration tests will cover the servers installed, modems, routers, bridges and authenticating services in use at the client premises.
These penetration tests are done using tools which include third party products as well as our own software. These tests will include following activities:
- Port Scanning from external network.
- Exploiting the weaknesses of Operating system and applications to harvest files from the system and also plant files into the system.
- Testing availablity of unsecured modems and attempts to gain access to a system.
- Questionnaire to the client organisation regarding the network layout and management of IP addresses.
- Normal duration of these tests is 3-4 weeks.
- At the end of tests a detailed report with recommendations is made to the client.
To ensure we do not accidentally penetrate another company (which can be a felony offense), the client will provide the telephone numbers they use and wish us to test.As an alternative, the client could provide us with a corporate telephone book that is available to all employees. We will use this to ensure we stay within the company’s valid phone number ranges.