What this service provides:
This service provides Vulnerability Testing and Reporting of your
internet firewall and associated IP addresses. This includes a report
for the block of IP addresses that your ISP has assigned to your place
of business, up to 8 IPs per location per device/router or branch
office. Here is an example of the Vulnerability
Testing Report. Here is an example of the Additional
Notes we provide. Typically, if you have a business class DSL
or Broadband service, your ISP will provide you with a block of 4
to 8 IP addresses per location or branch. Most often you only use
1 of those IP addresses, which is assigned to your firewall at your
office. However, some firewalls can manage more than one IP address
and can be configured to provide "additional services" to
your internal network via these additional IP addresses and ports.
We can test all of these IP addresses.
We provide you with a report that gives you a detailed view of the potential
vulnerabilities at your point of access to the internet. This report
identifies the ports that are open and any associated vulnerabilities,
provides a description of the test, attempts to identify any potential
services running, and provides a synopsis, description, additional
resource links, possible solutions, and risk factors, if applicable,
on those open ports. If a particular port or vulnerability is not
reported, it is not considered a security risk.
What can you do with this report?
This report can be provided to your auditors to show your compliance with
vulnerability and penetration testing requirements. The information
in the report can also be used by your network/PC consultants or administrators
to determine which vulnerabilities need to be addressed, corrected
and/or closed on your internet firewall/router. We provide tech support
for any questions related to the report and its contents. If your
network administrator has a question about a vulnerability that was
found, we will provide as much information about that item as we can to help
you understand what that vulnerability means and what, if anything, you need to
do to protect your network from harm.
We use an Enterprise Network Vulnerability Product called Nessus from
Tenable Network Security. Nessus is the world leader in active scanners,
featuring high speed discovery, asset profiling and vulnerability
analysis.
Why we use the Nessus Vulnerability Scanner and some of its features:
Based on the most pessimistic computations, and on the number of downloads
every day, Nessus has at least 50,000 users worldwide.
The huge user base allows Tenable to get the best feedback regarding security
checks - and therefore to offer security checks which are reliable,
non-destructive and not prone to false positives.
The first public release of the Nessus Vulnerability Scanner was in
1998 and the technology behind it has been extensively tested and
proven over time, on huge networks.
We use an up-to-date security vulnerability database that contains tests
for over 14,000 different security checks, covering local and remote
flaws. Focusing on the development of security checks for the most
recent security holes, the security checks database
is updated on a daily basis. Staying up-to-date is a must if you want
to perform a security scan. Every week, several dozen new security
checks are added to the Nessus security check database.
The Nessus Security Scanner includes NASL (Nessus Attack Scripting Language),
a language designed to write security tests easily and quickly. NASL
plugins run in a contained environment on top of a virtual machine,
thus making Nessus an extremely secure scanner.
Each security test is an external plugin written in NASL. This
means that updating Nessus does not involve downloading untrusted
binaries from the internet.
The scanner does not assume that the target hosts will respect the IANA
assigned port numbers. This means that it will recognize an FTP server
running on a non-standard port (e.g. 31337), or a web server running
on port 8080. Nessus is the first scanner on the market to have implemented
this feature for all the security checks (and has been copied by many
since then).
If a host runs the same service twice or more, the scanner will test
all of them. Several competing scanners on the market still consider
that a host can only run one server type at once.
The scanner has the ability to test SSL-wrapped services such as https, smtps,
imaps, and more, making our scanner one of the first security scanners
on the market to provide this feature.
The scanner allows us to choose between performing a regular non-destructive
security audit and throwing everything we can at a remote host to
see how well it withstands attacks from intruders. Many scanners consider
their users to be too inexperienced to make that kind of choice, and
only allow them to perform "safe" checks. We use the more
thorough test procedures, performing more than 10,000 different vulnerability
checks, to determine the full level of vulnerabilities of your firewall
and internet access.