Network Security Services

Home » Network Security Services

Network Security Services

Computer Support of San Diego has been performing Penetration Testing for its customers for over 10 years. Our team is highly experienced and trained in the latest tools and techniques used by individuals and organizations that commonly compromise networks and the systems within to obtain access to confidential data and critical resources. These results of every Penetration Test presented by Computer Support of San Diego include complete details on the systems and network identified, exploitation results, and both tactical and strategic recommendations.

Network – External

The core ideal around our Penetration Testing methodology is to organize and to iteratively test the target environment from the most general components to the most specific. In this way we can effectively model attack scenarios that highlight risk from the largest, most complex environments down to the most simple, and anywhere in between. The entire testing process is primarily manual to limit generic results from scanners and checklist methods used in general vulnerability assessments. In this way Computer Support of San Diego can focus the engagement on directed attack logic based testing against systems and networks.

Network – Internal

Internal threats comprise the greatest risk facing many organizations today. Internal corporate LAN/WAN environments are structured to allow users greater amounts of access with fewer security controls. As layers of security between a would-be attacker and sensitive data are removed the risk of compromise greatly increases. Computer Support of San Diego will work with you to structure an internal penetration test in a way that meets your business needs, and creates minimal business impact. Keeping with the structured methodology for penetration testing, Computer Support of San Diego maps the same iterative approach to the internal network. For internal testing the most common test design is to have a Computer Support of San Diego consultant “report for work” as a regular employee or contractor, and utilizing normal to minimal system access levels that would be given to the role being simulated, iteratively test all access controls in an attempt to acquire critical data. This is only one testing option, and our security testing specialists will work with you to design the most effective testing scenario. As a benefit to our widely distributed clients, we have developed a remote probe appliance that can be placed anywhere in the world and allows our experts to remotely perform tests as if they were physically present within the environment.

The following illustrates some of the different vulnerability classes Computer Support of San Diego covers during an internal network penetration test.

Note: This is not intended to be a complete or exhaustive list and the actual tests performed are highly dependent on the target environment.

Layer 2 Attacks

  • VLAN Hopping
  • ARP Cache Poisoning
  • Switch Architecture Weaknesses

Layer 3 Attacks

  • IP Redirections
  • Session Hijacking
  • Session Replay

Network / OS Layer Attacks

  • Network Hash Passing
  • DHCP and DNS Weaknesses
  • Various OS Weaknesses

Advanced Attacks

  • Protocol Fuzzing
  • Cryptographic Weaknesses
  • Buffer Overflow
  • Zero-day

Wireless Testing

Wireless networks normally provide a “wedge” into a traditional corporate network that attackers leverage to gain greater access and compromise data. Computer Support of San Diego can perform a penetration test of wireless networks, and using directed attack based logic can present your organization with the real risks of compromise inherent in the wireless infrastructure, and what that risk means to sensitive data stored elsewhere. Computer Support of San Diego has the capability to test a varied array of wireless technologies from 802.11 Wi-Fi to application specific ZigBee, and many technologies in between, such as 900MHz networks, legacy FHSS technologies, 5.8GHz networks and others.

Secure Device Testing

There is an increased concern about the data loss perpetuated by mobile and embed devices where physically security controls are not possible. Devices such as corporate laptops, smart phones, embedded devices, and kiosks pose a greater threat if lost, stolen, or accessed via covert means. Computer Support of San Diego can perform an in-depth “white box” or “black box” review of these devices and provide your organization with actionable changes to mitigate data-loss and exposure should they fall into the wrong hands.

Contact Us