** Internet Visibility Review

IDsec can find out how much of your network structure is public information. This is a valuable precursor to external penetration testing.

* The Need

The Internet will offer up a considerable amount of information about any connected organisation. This includes network allocation (the "ownership" of blocks of IP addresses) and name registrations (the mapping of qualified domain names to addresses). In many cases this information is innocuous - indeed, it may be necessary for the functioning of the Internet - but there are circumstances where a potential intruder is offered excessive detail. For example, any information that implies the nature of internal networks should not be available to the public.

We can document an organisation's visibility in detail. This helps a company decide whether it has enough (or too many) domain names and determine whether it is making the best use of registered address space. It can also reveal attempts at "passing off", where a third party deliberately establishes a domain name that could be mistaken for a valid client location.

* Our Service

We search regional network allocation directories for address blocks that appear to be allocated to the organisation. This is presented as a list of interesting address blocks, giving geographical locations and contact details. At the same time, we list all the publicly advertised hosts contained in these address blocks or otherwise associated with the client.

Similarly, we search the various national and international naming registries for domain names and mail exchange records that appear to relate to the organisation. This is correlated to the IP address allocations where possible.

* Price

Costs are based purely on the consultancy hours required to carry out the work. The effort depends on the perceived size of the client organisation in terms of its Internet presence. As an example, the cost of an Internet survey for a medium-sized company based in the UK, with a small number of overseas offices and trading mainly under its own name, would be 7 days' consultancy fees.

* Assumptions and Caveats

It is assumed that the client supplies a short list of subsidiary and associated companies, trading names, abbreviations and any other relevant search tokens.

We cannot guarantee finding all the Internet address blocks used by an organisation, particularly if they have been registered by a third party such as an ISP.

It is not possible (as part of this service) for us to determine whether address blocks or domain names are in active use.

* What You Get

We supply address block, host and domain information in tabular format for easy reference, together with our conclusions. This can be made available in suitable electronic form if necessary.

* Our Track Record

Network visibility projects that we have carried out include:

A City financial institution with offices around the world commissioned us to find all the domains and network blocks that had been registered in its name. We were also asked to find all the mail gateways into the organisation.

We undertook an Internet Visibility review for one of the largest UK telecoms companies. This was a particularly challenging task, in that many of the names and networks had been registered by companies that had subsequently been bought by our client.

* Related Services

Network Penetration Testing
External penetration testing puts us in much the same position as a potential intruder, trying to break into the Internet gateway and systems behind it.

On-Site Gateway Review
An on-site review of an Internet gateway that goes beyond a simple external scan and looks for strength in depth.

Superwalk: Automated Monitoring
Superwalk runs regular scans of an Internet gateway, and characterises all hosts that give any IP response. It also uses a number of tools to find specific vulnerabilities in the services offered.

* About Us

IDsec is an independent company specialising in network security, and has provided penetration tests and intrusion detection systems since 1997. We can assess the security of your enterprise and advise on long-term protection, as we have for a range of blue-chip clients in the banking, telecoms, manufacturing and utility sectors.

IDsec Limited
31-33 College Road, Harrow, Middlesex HA1 1EJ, United Kingdom
T: +44 20 8861 2001
F: +44 20 8861 3433
W: www.idsec.co.uk

All prices exclude VAT and are subject to confirmation.

Copyright (C) 2008 IDsec Limited
services/testing/network-visibility.txt 20080715 (5.08)