First Base Technologies

Contact Us
Phone 01273 454525
email

External Infrastructure & Firewall Penetration Testing



The Threat: Infrastructure Security Risks
  • Could an attacker break into your network?
  • Are your firewalls really secure?
  • Do your VPNs provide the protection you expect?
  • Do you know what devices are on your external IPs?
  • Do you know what services they offer?
How do you answer these questions?

The Solution: External Infrastructure (and Firewall) Penetration Testing

External Penetration Testing Methodology

Our external penetration testing services are conducted by skilled professionals using the latest tools, best practice and our own proprietary testing techniques.

  • The initial step is to perform network reconnaissance, to determine network topology and live hosts. This is conducted using both network scanners and the tester's intuition. Unresponsive hosts are confirmed during the test to maintain the intended scope and ensure best value for testing is achieved.
  • We then enumerate all live hosts, to discover operating system types, services and protocols. Live hosts and services are analysed for potential vulnerabilities, using both automated and manual techniques.
  • Firewall and VPN penetration testing will occur at this stage.
  • Any potential vulnerabilities are manually verified to remove false positives and ensure that only accurate results and information are included in the report.
  • We try to manually exploit verified vulnerabilities where possible to discover further exposures. The tester will research discovered software and services for applicable exploits and then attempt to compromise the relevant hosts.
  • In addition to exploiting vulnerabilities, we manually test for possible configuration errors. These include vendor defaults (such as usernames or passwords), remotely-accessible internal services and other misconfigured services or functions.
  • Throughout the test we will identify hosts which may require additional testing, such as a web application.
  • We can also conduct Firewall Rule Analysis as an additional service if you require.

Hover over each segment of the diagram below to read about each stage of the testing process.

At First Base Technologies we pride ourselves in being with you every step of the way in securing your external infrastructure from attack.

More Information

You can read our FAQ on penetration testing and vulnerability analysis here

See what our clients say about us here


Contact Us
+44 (0)1273 45 45 25

CREST


ISO 27001


ISO 9001


CREST Cyber Essentials

E&OE
© 2001-2015 First Base Technologies LLP - All Rights Reserved.
First Base Technologies LLP is a limited liability partnership registered in England & Wales, number: OC352070
Website designed and mastered by
didilogix


W3 Org says this page is HTML 4.01 compliant