The Penetration Test centres on evaluating the security of the perimetral protection systems of a company as well as the different systems accessible from the Internet (border routers, border firewalls, WebServers, mail servers, news...). Trying to get into the DMZ and the Intranet network.

• The Penetration Test takes place remotely from the Internet Security Auditors facilities.
• The customer does not need to provide any information relating to its IT Infrastructure. This work is performed by the security team who executes the audit, reaching a bigger independence and then reproducing the same steps a hacker would do.
• Same technologies as hackers but from an ethical point of view: Ethical Hacking.
• Following OpenSource methodologies: OSSTMM and ISSAF.
• The performed tests are:
  
• Network Surveying: Starting point for the Penetration Test. It involves an analysis to obtain a detailed network map.
• Port Scanning, system services and Operating Systems identification: Entry points identification on the systems being analyzed determining its services and characteristics. It involves an automatic and manual port scanning on the IP addresses being audited.
• Automatic vulnerability scanning: Finding security weaknesses on the systems being audited by executing tools developed by the security team as well as public and comercial tools.
• Password cracking: It involves trying to guess user accounts (login and password) on the systems being audited with tools like the used ones by hackers. We execute default password lists, brute force and dictionary attacks.
• Document Grinding: Information gathering involving the systems and company being audited. This information will be analyzed searching for data which can be used to attack the systems being audited. Using all the information available from the Internet: Corporate WebSite, Newsgroups, Job databases, ...
• Antivirus testing: Verifies the existence of at least one antivirus and the level of protection that it offers. It is vital to have a fully operative antivirus which protects the network.
• Trusted Systems testing: The main purpose is to find vulnerabilities on the systems by analyzing the trusting relationship that exist between them.
• Containment measures testing: Verifies the existence of filtering tools for malicious code and the level of protection that they offer to the arrival of this type of code (trojans, ActiveX or Applets...).
• Privacy review: Verify the existence of an policy that fullfills the in force laws on data privacy. List of inconsistencies between the specified in the privacy policy and the current practice of this one.
• Vulnerabilities research and verification: Identification of vulnerabilities not found by the tools used in the Automatic Test.
• Intrusion Detection System (IDS) testing: IDS analysis by sending a huge amount of different kind of attacks for studying its reaction. IDS log analysis.
• Internet Application Testing (Non-Privileged): Web applications and cookies analysis identifying security weaknesses. The result involves a list of vulnerabilities with its level of risk.

Report:
A detailed report is elaborated including:

• High level executive summary.
• Detail of all the performed tests specifying its objectives and results.
• Results obtained in the different tests that have been executed.
• Recommendations which allow to solve the vulnerabilities found.
• Vulnerabilities Classification according to its level of risk. This will allow to the company to be able to elaborate a reliable plan to solve these security problems.

Workshop:
Meeting focused on explaining the results obtained in the audit and recommending the possible solutions that exist for the security problems identified.