Penetrax - Security Consulting Home   |   Services   |   DIY Tools   |   FAQ   |   About Us   |   Contact Us  
       
 

Services

  

Internet Penetration Testing

Internet Penetration Testing

Network Security Audit & Review

Wireless Security Testing

Firewall Rule and IDS Testing

E-Commerce and Web Application Testing

Systems Security Testing

Computer, PDA & Laptop Security

Other Security Services

 

-- Do you trust the internet?

-- Are your internet facing systems secure enough? Or are they exposed as a result of unattended vulnerabilities / oversight / firewall misconfiguration?

We at Penetrax analyze the security of your internet facing devices using industry standards, our own security methodologies and BS 7799 / ISO 27001 guidelines. We produce easy to understand yet detailed reports tailored to your organisation for the quick overview and timely remediation of your systems' vulnerabilities / weaknesses.

This is usually a base for our other external testing services, such as application server and web server testing, This service comes in two variaties; an informed test where you inform us of the ip range you require us to test and provide us the addresses of your internet facing devices such as web servers, firewalls etc, and an uninformed / blind test where we determine your ip ranges and attempt hacking into your system just like a real hacker would do. We are also able to create a bespoke test according to your network's needs.

How we do it?:

This service is designed to provide a good level of assurance for routers, proxies, firewalls / vpn concentrators that defend internet access only. It is assumed that no web / mail / extranet services are provided through these devices that we are testing. We form a footprint of your connection finding contact names / details, IP range information and ISP information. We investigate the route and the devices that are present in between each device and attempt to identify other hosts and related information regarding your ip range / domain. Afterwards, we perform port scans on the internet hosts in the target range and conduct SNMP queries and banner grabbing to obtain additional information that could be used in performing attacks against the host. Next, we use a well known vulnerability scanner to scan your firewall and other devices, testing for over 1,000 known security vulnerabilities / hacks.

Finally, we form bespoke tests using the latest published exploits from security communities and perform password guessing / brute-force attacks to test your password policies and complexity.

 
     
  Copyright © 2006, Penetrax Security Consulting. All Rights Reserved.