External Network Scanning?

Whoop

Whoop

Whoop

Associate
Joined
27 Nov 2003
Posts
2,486
Location
Loughborough
Hi all,

I've been asked to perform a external scan of the network perimeter to check for vulnerabilities but my tin-foil hat knowledge is slim!

Is there a good company I should approach for this or is there a piece of software someone can recommend? It's rather ambiguous to me how thorough it needs to be... (I guess it's not like my old sub7 days :D) but I'll need to generate a report off it. Thanks. :)
 
You can start by doing a scan of all your external ports. Something like Shields-Up. https://www.grc.com/x/ne.dll?bh0bkyd2

Just make sure you are on a machine that is on the inside and will appear to be coming from the WAN connection you want to test against. That's free. Then when you find any and all ports that are not reported as stealth I guess you'd need to research how to test those vulnerabilities.
 
It's for work I assume? You should employ a proper pen tester tbh, as not only will they actually know what they're doing they'll also know how to advise you fix any exploitable resources they find. Really, 90% of the opsec comes down to the people. Social engineering is the new hax0ring.
 
Don't do it yourself. If you ever have a breach you'll be thrown under the bus to cover your network managers arse.

I cant offer any advice on who to use but just be careful. There are 1001 companies who will change a fortune to run nmap and give you an utterly useless report.

If you have tight firewall rules, patch to latest versions and follow vendor best practice you're 90% of the way there.
 
Do you have anything that needs to be accessible from outside your network that you'd need to check the security of?
 
I've used https://www.securitymetrics.com/ for external vulnerability testing as part of PCI compliancy (protecting systems that process, store or transmit card data). They provide a website where you can trigger a scan of your external IPs and it'll produce a report at the end with any vulnerabilities, their risk rating and usually remedial notes. It's automated, so don't expect it to be as thorough as a pen test, but it's a good tool to verify your basic security configuration.
 
Thanks everyone, without an actual scope they don't make it an easy task.

I'll take a look at all the stuff suggested so far. :)
 
You must log in or register to reply here.
Back
Top Bottom