|
|
|
|
|
|
Nettitude's VPN testing starts off by assessing the VPN capabilities that are delivered
by an organization. These might include IPSEC VPNs, SSL VPNs, and L2TP or PPTP based
VPN capabilities. Once these services have been identified, Nettitude looks to assess
the infrastructure for any pre-shared key protocol mode exposures. This includes
capturing hash values for offline assessment. Following on from this, Nettitude
assesses the infrastructure for authentication exposures by spidering the likes
of Google, Facebook and other social networking sites for a list of employees and
trading partners that could have access to the infrastructure. With this information,
Nettitude is able to try and conduct password guessing, or brute force analysis
of the infrastructure to see if remote access can be granted.
Nettitude is able to perform white-box testing of VPN services, with pre-provided
usernames and passwords. These types of tests can assess whether an employee can
gain remote access to protected corporate resources, and copy, change or steal key
data sources. Nettitude's VPN Penetration Testing services can be tailored to whatever
your business needs dictate. Whether it is testing from the perspective of a remote
hacker, or alternatively a disgruntled employee, Nettitude is able to define a test
programme that will assess the strength of your remote access infrastructure.
|
|
|
To find out more about how Nettitude can help you with your Security Testing requirements,
please complete our contact form,
and a Consultant will respond to your enquiry.