- Do you really know who - or what - is at the end of all of your phonelines?
- Could a hacker obtain access onto your internal network via an unauthorised modem?
- How secure are your voicemail, call monitoring, PABX and fax systems?
- Is your VPN really private?
We can provide answers to these questions by finding and analysing
vulnerabilities in these systems using a combination of industry standards, our own best
practice and BS 7799 / ISO 27001. The reports we produce - tailored to your organisation -
will inform you of the vulnerabilities and the solutions, so you can address these before the
"real" hackers do.
Below are our services in this area:
|
 |
War Dialing:
Our war dialing service is designed to discover modems, identify software and attempt
penetration. We "war dial" a range of direct-dial telephone numbers using
PhoneSweep software. We can
determine the existence of modem carrier signals, analyse any attached (and working) systems
and attempt to gain access to them. The result is a detailed report showing all vulnerable
telephone numbers, including software detected and any successful penetrations.
|
 |
Modem Penetration Testing:
This service is aimed at penetrating known remote-access numbers, for instance those we found
during our war dialing tests, using dictionary-based brute force attacks. We attempt
penetration of your dial-in connections, using a wide selection of dictionaries and mutated
dictionaries, as well as brute force attacks and socially-engineered information. We use
PhoneSweep and
Brutus software and manual
exploits as appropriate. The result is a detailed report showing all vulnerable telephone
numbers, including software detected and any successful penetrations.
|
 |
VPN Testing:
Our VPN testing service is a combination of consultancy advice and penetration testing. We
review your VPN implementation with you, highlighting any security concerns and vulnerabilities.
We then attempt penetration or subversion of your VPN connection using equipment you provide
your users. Reviews include both the technical design and the personnel and physical security
issues. The result is a detailed report that highlights the vulnerable areas.
|
 |
Home and Mobile Workers Audit:
Is your human firewall switched on? We review your documentation and policies for home and
mobile workers, audit your remote working practices and the mobile
devices in use, and provide assistance with policies and standards. If appropriate,
We can undertake remote access and VPN testing to review the security of these potential
backdoors into your organisation's network infrastructure. We can also undertake
war driving and wireless audits in the vicinity of a staff member's home (with their
knowledge) in order to review the opportunity for information leakage. Deliverables include detailed
reports illustrating vulnerable areas and advice and guidance on improvements.
|
Want more information?
- Phone Andy on +44 (0)1273 45 45 25
- Click Here to download our brochure
- Click here to use our contact form
- Click here for the detailed PCI DSS specification
|