External to internal services (or external and internal).

I am able to detect vulnerabilities on client networks to buffer overflow attacks, DoS, DDoS, misconfigurations, brute force attacks, CGI and WWW service exploits, back doors and Trojans, and other weaknesses. This I undertake as follows:

Passive Information Gathering Vulnerability Assessment

I can determine whether publicly available information is unnecessarily exposed, using RIRs (ARIN, APNIC, RIPE) via WHOIS (Sam Spade), domain name databases, Stock Exchange websites, new sites, company home pages, etc. This will obtain contact information for "Social Engineering" vulnerability checks (as required) and IP addresses.

The company homepage source HTML may provide email addresses, usernames, CGI script locations, authentication and server details. This process is simplified by the use of Sam Spade to detect vulnerabilities to mirroring, detecting ASP pages on the site, email addresses, detecting and following links, hidden form values with default authentication to other servers, etc. Search engine use may find further information about the company.

SMTP Header Analysis

An email is then bounced off the mail server and the SMTP headers are examined. Sam Spade can be used to "Smart Paste" and parse for name servers.

Name Server Zone Transfer Vulnerability Assessment

Sam Spade and dig (as well as nslookup and host) can facilitate detection of vulnerability to zone transfer from authoritative DNS servers, which will reveal key IP addresses if the DNS server is vulnerable. This would reveal information on web servers and mail servers. The IP addresses would be used to determine vulnerability to hypothesis of the topology of the client's network and the presence of
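
A defender's view of the SMTP header analysis described above, as an added example that is not part of the original page: it parses a bounce message and lists what the organisation's own mail path discloses (RFC 1918 addresses, internal hostnames, software banners). The sample message, the `audit_headers` helper, the internal suffix list and the `example.com` domain are all assumptions made for illustration.

```python
import email
import ipaddress
import re

# Constructed sample bounce; every hostname, address and banner is made up.
SAMPLE_BOUNCE = """\
Received: from mx1.example.com (mx1.example.com [203.0.113.25])
\tby mail.tester.example (Postfix) with ESMTP id 4F1A2
\tfor <probe@tester.example>; Mon, 3 Mar 2003 10:15:02 +0000
Received: from exch01.corp.example.local (exch01.corp.example.local [10.20.1.15])
\tby mx1.example.com (Sendmail 8.12.8) with ESMTP id h23AF1;
\tMon, 3 Mar 2003 10:15:00 +0000
From: MAILER-DAEMON@example.com
X-Mailer: Internet Mail Service (5.5.2653.19)

No such user.
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
INTERNAL_SUFFIXES = (".local", ".lan", ".internal")  # assumed naming conventions
CLIENT_HEADERS = ("X-Mailer", "User-Agent")
FROM_RE = re.compile(r"\bfrom\s+(\S+)\s+\([^)]*\[(\d{1,3}(?:\.\d{1,3}){3})\]\)")
BY_RE = re.compile(r"\bby\s+(\S+)\s+\(([^)]+)\)")

def audit_headers(raw, org_domain):
    """Return (kind, detail) findings for details our own mail path discloses."""
    msg = email.message_from_string(raw)
    findings = []
    for value in msg.get_all("Received", []):
        hop = " ".join(value.split())  # unfold continuation lines
        sent = FROM_RE.search(hop)
        if sent:
            host, addr = sent.groups()
            try:
                ip = ipaddress.ip_address(addr)
            except ValueError:  # e.g. an octet above 255
                ip = None
            if ip and any(ip in net for net in RFC1918):
                findings.append(("internal-ip", f"{host} [{addr}]"))
            if host.lower().endswith(INTERNAL_SUFFIXES):
                findings.append(("internal-hostname", host))
        received = BY_RE.search(hop)
        # Only report banners from hosts inside the organisation's own domain.
        if received and ("." + received.group(1).lower()).endswith("." + org_domain):
            findings.append(("mta-banner", "%s: %s" % received.groups()))
    for name in CLIENT_HEADERS:
        if msg[name]:
            findings.append(("client-banner", f"{name}: {msg[name]}"))
    return findings
```

Calling `audit_headers(SAMPLE_BOUNCE, "example.com")` returns the internal relay's address and hostname plus the two software banners; each finding is a candidate for header rewriting or banner suppression at the mail gateway.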
To Contact Me
Phone: 07768 113497 Fax: 01473 423491
Network Penetration Methods