Infrastructure Security Services


Voice-Over IP (VoIP) Security Assessments

  • Voice-Over IP (VoIP) Security Assessments
    • Analysis of infrastructure configuration and hardening
    • Analysis of phone network interfaces and conference bridge controls
    • Analysis of network based recording and storage
  • Security Analysis of VoIP Architecture
    • Authentication (H.225 Registration and SIP)
    • Authorization (E.164 Alias, IP address, hostnames)
    • Encryption (SSIP, AES, SRTP)
    • Denial of Service Susceptibility (911 and/or operation calls)
    • Protocols (SIP, H.323, RTP, MGCP)
  • VoIP Attacks
    • Eavesdropping, Hijacking, and Replay Attacks
    • Spoofing (Endpoints, Gatekeepers, Border Controllers)
    • Registration Password Compromise
    • Denial of Service Attack (SIP and H.323)
    • Attacks on VoIP Hard phones/Soft Phones
    • H.225 Registration Attacks and DOS

Network Vulnerability Assessment

  • Assess to understand the risk and threat exposure level from malicious/unauthorized users
  • May be performed on internal or external networks
  • Discover the extent of network exposure to Internet attackers, or malicious insiders
  • Enumerate and exploit vulnerable network services, applications, devices, and operating systems
  • Perform vulnerability analysis and threat exercise to determine possible extent of damage or ease of access
  • Document vulnerabilities, remediation, and root causes of insecurity

Host and Device Security Services

Improve the security of:

  • Operating systems
  • Firewalls
  • Routers/switches
  • VPNs
  • Mainframes (OS/390) and AS/400.

Storage Security Assessments

  • Security Analysis of SAN/NAS Architecture
    • Authentication (CHAP, DH-CHAP, None)
    • Authorization (WWN, iQNs, UID/GIDs, SIDs)
    • Encryption (Decru/Neoscale vs. Software encryption)
    • Denial of Service (Data destruction and unavailability)
  • Security testing of SAN/NAS networks
    • iSCSI SAN (CHAP Attacks, iQN Spoofing, SNS Man-in-the-Middle, Domain/iGroup Hopping)
    • NAS (Authentication Attacks, Authorization Bypass, Export/Share enumeration)
    • Fibre Channel SANs (WWN Spoofing, Zone Hopping, DH-CHAP Attacks, LUN Mask Subversion)

Network Access Control - 802.1x

Testing of the 802.1x/NAC solutions:

  • Implementation of 802.1X
    • Server / client implementation weaknesses with fuzzing
    • Authentication/Authorization bypass of 802.1X implementation
  • Implementation of EAP over TLS
    • Fuzzing EAP over TLS server
    • Fuzzing EAP over TLS client
  • Testing of the Endpoint solution:
    • Stateless vs. Stateful firewall testing on NAC agents
    • Fuzzing of firewall state by creating hostile servers and clients
    • Middle person attacks on NAC
    • Trusted 3rd party Servers
    • Authentication and authorization bypass for trusted A/V servers
    • Attempt to subvert security checks completed by external modules
  • 802.1x/NAC Attack Profiles
    • Attacks from non-Agent machines
    • Attacks from malicious machines with Agents
    • Attacks from infected machines with agents
    • Attacks on authentication channels
    • Attacks to bypass/spoof authorization

Syndicate content