{"id":460,"date":"2018-07-01T19:26:56","date_gmt":"2018-07-01T19:26:56","guid":{"rendered":"http:\/\/www1.scnresearch.com\/?page_id=460"},"modified":"2018-07-05T02:03:15","modified_gmt":"2018-07-05T02:03:15","slug":"security-audit-and-testing","status":"publish","type":"page","link":"https:\/\/www.scnresearch.com\/index.php\/security-audit-and-testing\/","title":{"rendered":"Security Audit and Testing"},"content":{"rendered":"<h1>Security Audit<\/h1>\n<p>Mapping of accessible hosts by IP number and port<\/p>\n<p>Information about each host including OS, versions of network software, etc.<\/p>\n<p>List of all services and list of services that might be vulnerable<\/p>\n<p>Information about network based on various public databases including Whois,<\/p>\n<p>ARIN, RADB, SWIP, etc.<\/p>\n<p>Detailed website analysis using various http search programs\/scanners<\/p>\n<p>Deeper testing can be done if requested, including software stack overflow testing,<\/p>\n<p>boundary tests using various tools, java testing tools, etc.<\/p>\n<p>Assessments and compliance for Sarbanes-Oxley and HIPPA.<\/p>\n<h1>Typical External Network Security Audit Report<\/h1>\n<h2>Typical Security scans performed by SCN Research<\/h2>\n<h3>Software used:<\/h3>\n<ul>\n<li>Aircrack<\/li>\n<li>AirSnarf<\/li>\n<li>Airsnort<\/li>\n<li>AMAP<\/li>\n<li>cgi-scan<\/li>\n<li>Cisco torch<\/li>\n<li>CryptCat<\/li>\n<li>CyberCop<\/li>\n<li>Ethereal<\/li>\n<li>Ettercap<\/li>\n<li>Dsniff<\/li>\n<li>Fakeap<\/li>\n<li>Fragrouter<\/li>\n<li>Hostapd-utils<\/li>\n<li>Kismet<\/li>\n<li>Metasploit<\/li>\n<li>NASL<\/li>\n<li>Nessus<\/li>\n<li>nmap<\/li>\n<li>NTP fingerprinting tool<\/li>\n<li>Packit<\/li>\n<li>Proxychains<\/li>\n<li>Sara<\/li>\n<li>Sendip<\/li>\n<li>SNMP fuzzer<\/li>\n<li>snmp-walk<\/li>\n<li>Snoop<\/li>\n<li>Snort<\/li>\n<li>SSLdump<\/li>\n<li>TCPDump<\/li>\n<li>TCPick<\/li>\n<li>Tcpsplit<\/li>\n<li>telnet\/ping\/ftp<\/li>\n<li>TFTP bruteforce tool<\/li>\n<li>Unicornscan<\/li>\n<li>VNC<\/li>\n<li>Whisker<\/li>\n<li>WPA-Supplicatiant<\/li>\n<li>Yersinia<\/li>\n<li>other utilities as required<\/li>\n<\/ul>\n<h2>A report is presented in a binder by network\/city\/location.<\/h2>\n<h3>Each program or report is divided into individual sections. A typical network report will contain:<\/h3>\n<p>Host list and whois report<\/p>\n<p>CyberCop Scanner report<\/p>\n<p>Sara Report\u00c2\u00a0\u00c2\u00a0 (if applicable)<\/p>\n<p>Nessus Scan\u00c2\u00a0\u00c2\u00a0 (if applicable)<\/p>\n<p>Sara raw data\u00c2\u00a0\u00c2\u00a0 (if applicable)<\/p>\n<p>Router access display (telnet to router)<\/p>\n<p>One or more NMAP reports<\/p>\n<p>CGI report if web servers present<\/p>\n<p>The report is also available on CD-ROM<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security Audit Mapping of accessible hosts by IP number and port Information about each host including OS, versions of network software, etc. List of all services and list of services that might be vulnerable Information about network based on various public databases including Whois, ARIN, RADB, SWIP, etc. Detailed website analysis using various http search &hellip; <a href=\"https:\/\/www.scnresearch.com\/index.php\/security-audit-and-testing\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Security Audit and Testing&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":492,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-460","page","type-page","status-publish","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/www.scnresearch.com\/index.php\/wp-json\/wp\/v2\/pages\/460","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.scnresearch.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.scnresearch.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.scnresearch.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.scnresearch.com\/index.php\/wp-json\/wp\/v2\/comments?post=460"}],"version-history":[{"count":0,"href":"https:\/\/www.scnresearch.com\/index.php\/wp-json\/wp\/v2\/pages\/460\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.scnresearch.com\/index.php\/wp-json\/wp\/v2\/media\/492"}],"wp:attachment":[{"href":"https:\/\/www.scnresearch.com\/index.php\/wp-json\/wp\/v2\/media?parent=460"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}