Internal Penetration Testing
Internal penetration testing is designed to replicate the risks associated with the attack, after they have penetrated the defenses put-forth for your network.
At Teceze, we carry out thorough and laborious, end-to-end testing that helps us to identify any potential risks which prevents internal attacks.
What does an internal penetration testing service consist of?
Our cyber security experts set up on-site, they will connect to your network using their laptops, and they will begin their internal penetration testing. Any issues that are identified can be broken down into three categories:
Patching –
This is a major issue during an internal penetration testing. As it is common for many boxes or applications to be overlooked.
Passwords –
Both users and systems are commonly linked to passwords that are weak and easily guessed.
Policy –
Often, built standards and policies are not strong enough and as a result, unnecessary applications or access are allowed.
A hacker could take advantage of these and that would give them access to a host, where the privileges can be escalated or access may be given. Each test will involve a different method and that is determined by the network, the organisation, and the environment.
Prior to testing, testers are expected to read the scope and fully understand it. Before they get to work, any of the systems that are ruled out of scope should be null routed or any access should be prohibited. It is common for meetings to take place before the testing commences and this is to give the client reassurance and to go through the works that will be undertaken. This ensures that the tests run smoothly and that all hosts remain untouched.
The test begins by undertaking the host discovery phase and then makes it possible to map the whole network as well as identify any targets that could be attacked during the latter stages of the process. Hosts that can be attacked can also be provided by the client as well as all network maps. This can then be used as a tool to make the discovery process faster, but it is also useful, should the client have specific hosts that they want to target. However, this document is not always helpful as it can restrict the test, lowering the quality with regards to completeness and so, it should not be relied upon.
Following this, the port scanning stage targets those systems that were identified in the previous stage. Therefore, each service on a host that is available externally will be assigned a port. By numbering the ports, it makes it possible to identify services that are likely to be targets of an attack such as Telnet, SSH and SMB services.
Following this step is vulnerability scanning. The aim of this stage is to identify any obvious attack vendors and services that are vulnerable. Further investigations are carried out as well as manual testing of all the identified issues and hosts that were identified in the previous steps. The goal of this is to exploit one or more issues manually or through the use of an exploit framework such as Metasploit. If done manually, it will involve brute force, default passwords or exploits that are not widely known.
Our expert team is here to help with any questions you have regarding our products or services. Fill out the form below or contact us on +44 0208 050 5014
