Network Vulnerability Assessment

During a network Vulnerability Assessment, Feisty Fox Security aims to identify and report on identified vulnerabilities within scoped systems. The identification and exploitation process will occur in an interactive pattern to ensure a wide coverage of the systems.

Within this task under the Rules of Engagement we will:

• Enumerate system information such as operating system versions, application versions, and service configurations;
• Browse the relevant services to identify those with inappropriate configuration allowing anonymous or unregulated access;
• Scan each host and service for publicly disclosed vulnerabilities and configuration weaknesses;
• For key servers, specifically, analyse server configuration to identify issues such as unnecessary modules and services, misconfigured administrative services, default files and sample pages;
• Detection of default configurations;
• Detection of sample or demo code;
• Application controls against malicious user input;
• Vulnerabilities in the middleware layer; and
• Research both internal Feisty Fox Security proprietary as well as public vulnerability repositories for suspected security weaknesses.