Business Network Solutions is a market leader in information security consultancy and vulnerability research. Founded in 2004, we provide a range of consulting and assessment services to help organisations measure their security posture and build a thorough compliant security program to support their business strategy. We operate on an international basis with a presence across Europe and the Asia-Pacific rim. Our clients include some of the world’s best known blue-chip multinationals, many of whom are listed on the FTSE, DAX and Fortune 500 stock indices although we also have a selection of US government authorities and agencies and mid-range organisations. Most of our clients have been drawn the e-banking, finance, telecommunications, insurance, legal, IT and retail sectors. They are all mature buyers, operate at the highest end of security and understand the differences between the ranges of suppliers in the current market place.
                                         HOME   |  SECURITY AUDITS DATA RECOVERY & FORENSICS  |  PARTS  |  COMPUTER & NETWORK SERVICE  | CONTACT US  |

 

Do hackers know more about your network than you do?

The development of computer networks has resulted in an important class of computers: network servers. The primary purpose of these machines is to provide services, including both computational and data services, to other computers on the network. Because of their service role, it is common for servers to store many of an organization's most valuable and confidential information resources. They also are often deployed to provide a centralized capability for an entire organization, such as communication (electronic mail) or user authentication. Security breaches on a network server can result in the disclosure of critical information or the loss of a capability that can affect the entire organization. Therefore, securing network servers should be a significant part of your network and information security strategy. Many security problems can be avoided if servers and networks are appropriately configured. Default hardware and software configurations are typically set by vendors to emphasize features and functions more than security. Since vendors are not aware of your security needs, you must configure new servers to reflect your security requirements and reconfigure them as your requirements change. The practices recommended here are designed to help you configure and deploy network servers that satisfy your organization's security requirements. The practices may also be useful in examining the configuration of previously deployed servers. The term "server" is used in this module to mean the combination of the hardware, operating system, network service, application software, and network connection. When it is necessary to be more specific, we explicitly mention one of these five components. Although this module focuses on securing network servers, many of the practices are also applicable to securing workstations or other computers on your network. To make it easier for these practices to appear in other modules, we use the word "computer" to mean workstations, servers, or other computers. At times, we differentiate between guidance for workstations and guidance for network servers


Firewalls and Anti-Virus may not be enough. Many exploits take advantage of software flaws that you may not even realize exist. Software companies often won't disclose flaws until its too late. BNS can test for many of those flaws. And with Wireless devices becoming more popular, it's even easier to expose yourself to unwanted devices and have your data compromised.

A Penetration Test  is a detailed analysis of your network and associated systems from the perspective of a potential hacker. A penetration test will test your network for thousands of known exploits and vulnerabilities and provide a detailed report of any problems that are found. Penetration  tests are conducted remotely over the Internet and do not require physical access to your premises nor do they require access to any confidential information such as usernames or passwords. BNS can do testing as a full knowledge test, where the client picks the time and date of the test - or as a zero knowledge test where our security team picks the time and date with no notification to the client. Zero knowledge is best for testing your IDS systems and incident response teams.

Many folks setting up wireless home networks rush through the job to get their Internet connectivity working as quickly as possible. That's totally understandable. It's also quite risky as numerous security problems can result. Today's Wi-Fi products don't always help the situation as configuring their security features can be slow and non-intuitive. The recommendations below summarize the steps you should take, in order to importance, to improve the security of your home wireless LAN. At the core of most Wi-Fi home networks is an access point or router. To set up these pieces of equipment, manufacturers provide Web pages that allow owners to enter their network address and account information. These Web tools are protected with a login screen (username and password) so that only the rightful owner can do this. However, for any given piece of equipment, the logins provided are simple and very well-known to hackers on the Internet. Change these settings immediately. All Wi-Fi equipment supports some form of "encryption." Encryption technology scrambles messages sent over wireless networks so that they cannot be easily read by humans. Several encryption technologies exist for Wi-Fi today. Naturally you will want to pick the strongest form of encryption that works with your wireless network. To function, though, all Wi-Fi devices on your LAN must share the identical encryption settings. Therefore you may need to find a "lowest common demoninator" setting. Access points and routers all use a network name called the SSID. Manufacturers normally ship their products with the same SSID set. For example, the SSID for Linksys devices is normally "linksys." True, knowing the SSID does not by itself allow anyone to break into your network, but it is a start. More importantly, when someone finds a default SSID, they see it is a poorly configured network and are much more likely to attack it. Change the default SSID immediately when configuring your LAN. Each piece of Wi-Fi gear possesses a unique identifier called the "physical address" or "MAC address." Access points and routers keep track of the MAC addresses of all devices that connect to them. Many such products offer the owner an option to key in the MAC addresses of their home equipment, that restricts the network to only allow connections from those devices. Do this, but also know that the feature is not so powerful as it may seem. Hacker software programs can fake MAC addresses easily. In Wi-Fi networking, the access point or router typically broadcasts the network name (SSID) over the air at regular intervals. This feature was designed for businesses and mobile hotspots where Wi-Fi clients may come and go. In the home, this feature is unnecessary, and it increases the likelihood an unwelcome neighbor or hacker will try to log in to your home network. Fortunately, most Wi-Fi access points allow the SSID broadcast feature to be disabled by the network administrator. Most home networkers grativate toward using dynamic IP addresses. DHCP technology is indeed quick and easy to set up. Unfortunately, this convenience also works to the advantage of network attackers, who can easily obtain valid IP addresses from a network's DHCP pool. Turn off DHCP on the router or access point, set a fixed IP address range, then set each connected device to match. Use a private IP range (like 10.0.0.x) to prevent computers from being directly reached from the Internet. Wi-Fi signals normally reach to the exterior of a home. A small amount of "leakage" outdoors is not a problem, but the further this signal reaches, the easier it is for others to detect and exploit. Wi-Fi signals often reach across streets and through neighboring homes. When installing a wireless home network, the position of the access point or router determines it's reach. Try to position these devices near the center of the home rather than near windows to minimize this leakage. The ultimate in security measures, shutting down the network will most certainly prevent outside hackers from breaking in! While impractical to turn off and on the devices frequently, at least consider doing so during travel or extended periods offline. Computer disk drives have been known to suffer from power cycle wear-and-tear, but broadband modems and routers can easily handle this treatment occasionally.

 

Internal security audits are done from behind the firewall, and can scan private IP devices for problems. Internal  scans can detect patch application problems, misconfigured devices and even default passwords that were accidentally left enabled. BNS can test password strength and can even test custom built software packages for security vulnerabilities.

Full security audits will look over the Policies and Procedures of your organization. It will include internal and external testing, physical inspection of the premises, storage of critical data and much more. We can help write  P&P directives if none exist for your company.

BNS can also customize its services with any combination of tests, inspections and recommendations. This helps to keep costs down, while providing a high level of security for your company.

Business Network Solutions is an Authorized Reseller of eEye® Digital Security products, and can offer discounts on any software available. BNS uses Retina® and Nessus, plus Custom software for all testing services. Using this award winning software provides the highest level of quality to our clients - something most other penetration testing services cannot offer.

Because every organization is different, our Penetration Testing service can be customized to meet your needs. Our security consultants will work with you to properly estimate the size and scope of your test. The one-time Penetration Test service provides a single test, while a subscription provides a repeated periodic test of your company’s network and associated systems. Penetration testing can be performed as a full-knowledge test or a zero-knowledge test. 

The testing process initially gathers available information or intelligence about your company’s network to find details that could prove useful to a potential attacker. Your network is then actively probed (also known as scanning, mapping or penetration testing) looking for security weaknesses that could be exploited. When performing Penetration Testing, BNS will not place or alter any files on any systems. Our tests are designed to limit bandwidth usage so that system resources are not drained during the test.

Our tests will include testing for:

  • bugs, exploits, vulnerabilities and security holes

  • firewall and router weaknesses

  • weaknesses in web-server scripts

  • exploitable trusts and shares between systems

Once the tests are completed, the results are compiled into a report. This report contains both a management level overview of any issues and also technical level details of the test results including full details of each security issue uncovered. Full technical details of how to fix each security leaks is included in the report. In addition to any security issues, the report also lists any non-optimal configurations that were found during the tests. 
 

Copyright © 2001-2008     Business Network Solutions     All rights reserved