Network Penetration Testing
Network penetration testing assesses the security risks exposed by computer systems operating on a network. Networks with weak security can allow attackers to penetrate network defences and gain access to internal networks and critical systems. Regular network penetration testing can reduce the threat of these attacks, and save time and money in the aftermath of a security breach.
Common threats against networks include buffer and integer overflow attacks, format string attacks, insecure database services, vulnerable DNS servers, weak passwords/default credentials to administration consoles, DoS (Denial of Service) attacks, unencrypted network services and more.
Phases of a Network Pen Test
Network penetration testing is typically performed in phases beginning with target checking and enumeration and ending with a list of validated security issues which are then compiled into a report:
- Target Reconnaissance: System enumeration and OS fingerprinting.
- Port scanning to identify listening services.
- Manual probing for vulnerabilities on all listening services.
- Vulnerability scanning of all network devices within scope.
- Leveraging identified vulnerabilities to gain access to hosts and elevate privileges on the domain/network.
- Verification of all identified issues.
- Construction of a report containing all identified issues.
ReactionIS test all types of networks including:
- External Networks (Internet-facing)
- Internal Networks
- Wireless Networks
- DMZ Networks
Please get in touch for more details.