http://website.isecpartners.com/infrastructure_security_services en http://website.isecpartners.com/voice_over_ip_voip_security_assessments <ul> <li>Voice-Over IP (VoIP) Security Assessments <ul> <li>Analysis of infrastructure configuration and hardening <li>Analysis of phone network interfaces and conference bridge controls <li>Analysis of network based recording and storage</ul> <li>Security Analysis of VoIP Architecture <ul> <li>Authentication (H.225 Registration and SIP) <li>Authorization (E.164 Alias, IP address, hostnames) <li>Encryption (SSIP, AES, SRTP) <li>Denial of Service Susceptibility (911 and/or operation calls) <li>Protocols (SIP, H.323, RTP, MGCP)</ul> <li>VoIP Attacks <ul> <li>Eavesdropping, Hijacking, and Replay Attacks <li>Spoofing (Endpoints, Gatekeepers, Border Controllers) <li>Registration Password Compromise <li>Denial of Service Attack (SIP and H.323) <li>Attacks on VoIP Hard phones/Soft Phones <li>H.225 Registration Attacks and DOS</ul> </ul> <br class="clear" /> Mon, 31 Jul 2006 01:02:35 -0700 chris 79 at http://website.isecpartners.com http://website.isecpartners.com/network_vulnerability_assessment <ul> <li>Assess to understand the risk and threat exposure level from malicious/unauthorized users</li> <li>May be performed on internal or external networks</li> <li>Discover the extent of network exposure to Internet attackers, or malicious insiders</li> <li>Enumerate and exploit vulnerable network services, applications, devices, and operating systems</li> <li>Perform vulnerability analysis and threat exercise to determine possible extent of damage or ease of access</li> <li>Document vulnerabilities, remediation, and root causes of insecurity</li> <br class="clear" /> Fri, 28 Jul 2006 00:47:02 -0700 sarva 58 at http://website.isecpartners.com http://website.isecpartners.com/host_and_device_security_services <p>Improve the security of: <ul> <li>Operating systems <li>Firewalls <li>Routers/switches <li>VPNs <li>Mainframes (OS/390) and AS/400.</ul> <br class="clear" /> Fri, 28 Jul 2006 01:01:16 -0700 sarva 60 at http://website.isecpartners.com http://website.isecpartners.com/storage_security_assessments <p><uL> <li>Security Analysis of SAN/NAS Architecture</li> <ul> <li>Authentication (CHAP, DH-CHAP, None)</li> <li>Authorization (WWN, iQNs, UID/GIDs, SIDs)</li> <li>Encryption (Decru/Neoscale vs. Software encryption)</li> <li>Denial of Service (Data destruction and unavailability)</li> </ul> <li>Security testing of SAN/NAS networks</li> <ul> <li>iSCSI SAN (CHAP Attacks, iQN Spoofing, SNS Man-in-the-Middle, Domain/iGroup Hopping)</li> <li>NAS (Authentication Attacks, Authorization Bypass, Export/Share enumeration)</li> <li>Fibre Channel SANs (WWN Spoofing, Zone Hopping, DH-CHAP Attacks, LUN Mask Subversion)</li> </ul> </ul> <br class="clear" /> Fri, 28 Jul 2006 00:53:58 -0700 sarva 59 at http://website.isecpartners.com http://website.isecpartners.com/network_access_control_802_1x <p>Testing of the 802.1x/NAC solutions: <ul> <li>Implementation of 802.1X <ul> <li>Server / client implementation weaknesses with fuzzing <li>Authentication/Authorization bypass of 802.1X implementation </ul> <li> Implementation of EAP over TLS <ul> <li>Fuzzing EAP over TLS server <li>Fuzzing EAP over TLS client</ul> <li>Testing of the Endpoint solution: <ul> <li>Stateless vs. Stateful firewall testing on NAC agents <li>Fuzzing of firewall state by creating hostile servers and clients <li>Middle person attacks on NAC <li>Trusted 3rd party Servers <li>Authentication and authorization bypass for trusted A/V servers <li>Attempt to subvert security checks completed by external modules</ul> <li>802.1x/NAC Attack Profiles <ul> <li>Attacks from non-Agent machines <li>Attacks from malicious machines with Agents <li>Attacks from infected machines with agents <li>Attacks on authentication channels <li>Attacks to bypass/spoof authorization</ul> </ul> <br class="clear" /> Tue, 01 May 2007 04:30:05 -0700 anastasia 217 at http://website.isecpartners.com