Telephone: 732-763-2814
Email: service@infosecpro.com

T O P   T H R E A T S :

Abuse of Cloud Computing

Insecure Interfaces and APIs
Malicious Insiders
Shared Technology Issues
Data Loss or Leakage
Account or Service Hijacking
Unknown Risk Profile


Common Exploits

Server Specific
Network Specific
CISCO Specific

CITRIX Specific

T E S T I N G   S T E P S

Password Craking

Network Specific Vulnerabilities:

  • Generic Toolset
      • Passive Sniffing
        • Usernames/Passwords
        • Email
          • POP3
          • SMTP
          • IMAP
        • FTP
        • HTTP
        • HTTPS
        • RDP
        • VOIP
        • Other
      • Filters
        • ip.src == ip_address
        • ip.dst == ip_address
        • tcp.dstport == port_no.
        • ! ip.addr == ip_address
        • (ip.addr eq ip_address and ip.addr eq ip_address) and (tcp.port eq 1829 and tcp.port eq 1863)
      • Active Sniffing
        • ARP Cache Poisoning
          • Usernames/Passwords
          • Email
            • POP3
            • SMTP
            • IMAP
          • FTP
          • HTTP
          • HTTPS
          • RDP
          • VOIP
          • Other
        • DNS Poisoning
        • Routing Protocols
      • ./cisco-torch.pl <options> <IP,hostname,network> or ./cisco-torch.pl <options> -F <hostlist>
      • perl ntp-fingerprint.pl -t [ip_address]
      • ./p0f [ -f file ] [ -i device ] [ -s file ] [ -o file ] [ -w file ] [ -Q sock ] [ -u user ] [ -FXVONDUKASCMRqtpvdlr ] [ -c size ] [ -T nn ] [ 'filter rule' ]
    • Manual Check (Credentials required)
    • MAC Spoofing

    Cloud Computing Security

    Book Cover

    book with ISBN: 1461194067, is now available.
    Please click here to order.

    Our Services:

    Cloud customers need assurance that providers are following sound security practices in mitigating the risks facing both the customer and the provider (e.g., DDoS attacks). They need this in order to make sound business decisions and to maintain or obtain security certifications.

    Our Cloud Security Assessments provide means for customers to:

    1. assess the risk of adopting cloud services;
    2. compare different cloud provider offerings;
    3. obtain assurance from selected cloud providers;
    4. reduce the assurance burden on cloud providers.
    5. select and deploy the security monitoring tools needed and customizing the flow analysis features available on routers.

    Our Cloud Security Assessment evaluation will cover all aspects of security requirements.

    For a complete Cloud Security Assessment and Penetration Testing for an existing configuration please select:

    Other members of our business group:

    COPYRIGHT (C) 2000 - 2013 InfoSecPro.com ALL RIGHTS RESERVED