Inherent security of the infrastructure
A local host-assessment assesses the security level of individual hosts by assessing the hardening and configuration of these hosts. A local host-assessment goes a lot ‘deeper’ than a remote host-assessment. Security problems within the network infrastructure can be masked by a correctly configured firewall and will not be revealed with remote host-assessment or penetration test. This is an important risk. Suppose a vulnerability in one of the publicly accessible services becomes public, e.g. in a webserver. And suppose that webserver is compromised. An attacker will then be behind the firewall and if the systems visible from that webserver are not sufficient secure, then the attacker can compromise more systems (the stepping-stone principle). A zero-day exploit or an incorrectly configured firewall (human error) can have the same effect. A local host-assessment therefore tests the security of the systems without packet-filters or firewalls shielding it off.
A local host-assessment uses the same approach as a remote host-assessment. Qbit now has on-site access to the network (segment) to which the hosts to be assessed are connected. Qbit usually works from the outside in.
Qbit’s uses a grey and/or white box approach for the local host-assessment. With a grey box approach our ethical hackers have limited knowledge about the network infrastructure like a user account or the network topology. Using a white box approach our ethical hackers have all information about the design and operation of the network infrastructure.
Qbit provides a written report, consisting of the standard report generated by the various tools, supplemented with a (concise) report summarising significant findings and recommendations
Benefits of a local host-assessment
- Find out if your systems are hackerproof.
- Insight in inherent level of security and real vulnerabilities.
- Practical and feasible recommendations.