ROBOCYBERWALL INC. External Penetration Test Report. September 13, 2017

Similar documents
NEXT GENERATION FIREWALL. Tested Products. Environment. SonicWall Security Value Map (SVM) JULY 11, 2017 Author Thomas Skybakmoen

EXECUTIVE REPORT ADOBE SYSTEMS, INC. COLDFUSION SECURITY ASSESSMENT

ADVANCED ENDPOINT PROTECTION COMPARATIVE REPORT

ADVANCED ENDPOINT PROTECTION TEST REPORT

BREACH DETECTION SYSTEMS COMPARATIVE ANALYSIS

Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com

01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED

Protect Your Organization from Cyber Attacks

Funding University Inc. Terms of Service

INCLUDING MEDICAL ADVICE DISCLAIMER

ENTERPRISE ENDPOINT COMPARATIVE REPORT

TEST METHODOLOGY. SSL/TLS Performance. v1.0

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

Entrust WAP Server Certificate Relying Party Agreement

Vulnerability Assessments and Penetration Testing

Testers vs Writers: Pen tests Quality in Assurance Projects. 10 November Defcamp7

Offensive Technologies

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Terms of Use. Changes. General Use.

HIPAA Privacy, Security and Breach Notification

WEB APPLICATION FIREWALL COMPARATIVE ANALYSIS

ASSURANCE PENETRATION TESTING

Trustwave Managed Security Testing

OCTOSHAPE SDK AND CLIENT LICENSE AGREEMENT (SCLA)

PLAINSCAPITAL BANK SAMSUNG PAY TERMS AND CONDITIONS - PERSONAL

FedRAMP Plan of Action and Milestones (POA&M) Template Completion Guide. Version 1.1

Security Advisory Relating to the Speculative Execution Vulnerabilities with some microprocessors

Specific Terms And Conditions for hi!share International Prepaid Airtime Top- Up Value Added Service ( hi!share International Terms )

BCDC 2E, 2012 (On-line Bidding Document for Stipulated Price Bidding)

Vulnerability Management

Release Notes. BlackBerry Enterprise Identity

WHITE PAPER February Rich clients with thin client data security: a hybrid approach

Application Security Approach

QPP Proprietary Profile Guide

ICS Penetration Testing

Class Composer General Terms of Use

Merchant Certificate of Compliance

Security Solutions. Overview. Business Needs

Curso: Ethical Hacking and Countermeasures

Atlassian Crowdsourced Penetration Test Results: January 2018

Hitachi ID Identity and Access Management Suite TRIAL USE LICENSE AGREEMENT. between

Advanced Ethical Hacking & Penetration Testing. Ethical Hacking

NEW YORK CYBERSECURITY REGULATION COMPLIANCE GUIDE

LET S ENCRYPT SUBSCRIBER AGREEMENT

IoT & SCADA Cyber Security Services

CASE STUDY. How 16 Penetration Tests Missed A Vulnerability Which Could ve Cost One Company Over $103 Million In PCI Fines

Cybersecurity Today Avoid Becoming a News Headline

SSA-420 ISA Security Compliance Institute System Security Assurance Vulnerability Identification Testing Policy Specification

Brochure. Security. Fortify on Demand Dynamic Application Security Testing

SECURITY & PRIVACY DOCUMENTATION

10 FOCUS AREAS FOR BREACH PREVENTION

Entrust SSL Web Server Certificate Subscription Agreement

Atlassian. Atlassian Software Development and Collaboration Tools. Bugcrowd Bounty Program Results. Report created on October 04, 2017.

Domain Hosting Terms and Conditions

Lightweight Machine to Machine Architecture

Policies & Medical Disclaimer

External Supplier Control Obligations. Cyber Security

RiskSense Attack Surface Validation for IoT Systems

SDLC INTELLECTUAL PROPERTY POLICY

Release Notes. BlackBerry UEM Client for Android Version

Compatibility Matrix. Good Control and Good Proxy. June 4, 2018

Quick Start Guide for Administrators and Operators Cyber Advanced Warning System

Server Security Procedure

Engineering Your Software For Attack

Security Advisory Relating to the Speculative Execution Vulnerabilities with some microprocessors

MERIDIANSOUNDINGBOARD.COM TERMS AND CONDITIONS

Quick Reference. Good for Enterprise to BlackBerry Work Using Good Control Transition Guide

Quick Start Guide. BlackBerry Workspaces app for Android. Version 5.0

Threat Hunting in Modern Networks. David Biser

THREAT ISOLATION TECHNOLOGY PRODUCT ANALYSIS

Product Security Program

FLUENDO GENERIC EULA

PRIVATE MOBILE CONNECTION (formerly COMMERCIAL CONNECTIVITY SERVICE (CCS)) CUSTOM APN ATTACHMENT

Eliminating the Blind Spot: Rapidly Detect and Respond to the Advanced and Evasive Threat

Terms and Conditions For Online-Payments

EXECUTIVE BRIEF: WHY NETWORK SANDBOXING IS REQUIRED TO STOP RANSOMWARE

Legal notice and Privacy policy

CompTIA CAS-002. CompTIA Advanced Security Practitioner (CASP) Download Full Version :

Security Configuration Assessment (SCA)

Question No: 1 After running a packet analyzer on the network, a security analyst has noticed the following output:

IBM Managed Security Services - Vulnerability Scanning

MIS Week 9 Host Hardening

Security analysis and assessment of threats in European signalling systems?

BlackBerry Enterprise Server Express for Microsoft Exchange

Sentinel EMS 4.1. Release Notes

CYSE 411/AIT 681 Secure Software Engineering. Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun

NOOTRY TERMS OF SERVICE

SONICWALL SECURITY HEALTH CHECK SERVICE

Security Advisory Relating to Worldwide Botnet Dialing H.323-Capable Systems

BlackBerry Enterprise Service 10. September 10, 2014 Version: 10 and 10.1.x. Compatibility Matrix

4. Risk-Based Security Testing. Reading. CYSE 411/AIT 681 Secure Software Engineering. Seven Touchpoints. Application of Touchpoints

Incident Play Book: Phishing

Site Impact Policies for Website Use

TERMS OF SERVICE. Maui Lash Extensions All Rights Reserved.

Authentication Services ActiveRoles Integration Pack 2.1.x. Administration Guide

HPE Education Services ESE (East and South Europe) Terms and Conditions

TRAPS ADVANCED ENDPOINT PROTECTION

Attackers Process. Compromise the Root of the Domain Network: Active Directory

Winnebago Industries, Inc. Privacy Policy

Certified Vulnerability Assessor

Transcription:

ROBOCYBERWALL INC. September 13, 2017 Presented To: John Martinson Jr RoboCyberWall Inc. 5555 Del Monte Dr, Unit 2004 Houston, Texas 77056 admin@robocyberwall.com 713.589.2537 Submitted By: Jules Carter Senior Security Consultant SecureWorks One Concourse Parkway Suite 500 Atlanta, GA 30328 877.905.6661 jcarter@secureworks.com 505.401.5252

Report Disclaimer Statement RoboCyberWall Inc. Customer shall own all right, title, and interest in and to any written summaries, reports, analyses, and findings or other information or documentation prepared for Customer in connection with SecureWorks provision of the Consulting Services to Customer (the Customer Reports ). The provision by Customer of any Customer Report or any information therein to any unaffiliated third party shall not entitle such third party to rely on the Customer Report or the contents thereof in any manner or for any purpose whatsoever, and SecureWorks specifically disclaims all liability for any damages whatsoever (whether foreseen or unforeseen, direct, indirect, consequential, incidental, special, exemplary or punitive) arising from or related to reliance by any third party on any Customer Report or any contents thereof. Copyrights and Trademarks 2017 SecureWorks Inc. All rights reserved. Trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. SecureWorks and its affiliates disclaim responsibility for errors or omissions in typography or photography. SecureWorks and its affiliates terms and conditions of sale apply. A printed hard copy of SecureWorks terms and conditions of sale is available upon request. SecureWorks Confidential docid: TT-PT-20170217 Page ii

Table of Contents 1. Executive Overview... 1 1.1. Summary of Findings... 1 1.2. Summary of Recommendations... 2 2. External Penetration Test... 2 2.1. Methodology... 2 2.1.1. Scope Validation... 2 2.1.2. Vulnerability Analysis... 2 2.1.3. Manual Verification... 2 2.1.4. Exploitation... 3 2.1.5. Rules of Engagement... 3 2.2. Network Description... 3 2.3. Narrative... 3 2.4. Key Findings and Recommendations... 4 2.4.1. Critical-Severity Findings... 4 2.4.2. High-Severity Findings... 4 2.4.3. Medium-Severity Findings... 4 2.4.4. Low-Severity Findings... 4 2.4.5. Informational-Severity Findings... 4 2.5. Open Ports... 4 Appendix A: Key Terms... 5 A.1 Severity Ratings... 5 SecureWorks Confidential Page iii

1. Executive Overview RoboCyberWall Inc. (RoboCyberWall) contracted with SecureWorks to perform the following security assessment task: External Penetration Test The security engagement occurred during the period from September 5, 2017, to September 8, 2017. The objective of this engagement was to identify vulnerabilities in RoboCyberWall s systems and network security that external adversaries could exploit. During the course of the assessment, SecureWorks launched 6,593 probes and manual hack attempts on the RoboCyberWall protected server without accomplishing any breaches. It is important to note that this report is not an objective measure, but is solely based upon observation and experience; it does not cover areas deemed out of scope or issues beyond the capabilities of this methodology. A high-level overview of the results is presented below. Detailed results can be found in subsequent sections of this document. 1 Critical High Medium Low Informational 0 0 0 0 0 0 External Penetration Test External Penetration Test: SecureWorks identified ZERO (0) critical-severity findings, ZERO (0) high-severity findings, ZERO (0) medium-severity finding, ZERO (0) low-severity findings, and ZERO (0) informational-severity findings. SecureWorks Confidential Page 1

2. External Penetration Test During the period from September 5, 2017, to September 8, 2017, SecureWorks performed a technical network security assessment against a predetermined set of targets, including the following IPs and hosts: Targets 165.227.116.82 The assessment consisted of several phases, each detailed below along with the methodology, associated findings, and subsequent recommendations. SecureWorks utilizes the Penetration Testing Execution Standard (PTES) as the standard basis for penetration testing execution. The standard can be found here: http://www.pentest-standard.org. Tools utilized are covered in the Penetration Testing Execution Standard Technical Guidelines (PTES-G), which can be found here: http://www.pentest-standard.org/index.php/ptes_technical_guidelines This step validates the target list provided. This is a safety measure and ensures the accuracy of subsequent findings. Activities included were: Ping sweeps and route tracing Footprinting of networks and systems Internet domain name registration searches Internet registry number searches Domain name service (DNS) lookups Vulnerability testing is the process of discovering flaws, in systems and applications, that can be leveraged by an attacker. These flaws can range anywhere from host and service misconfiguration to insecure application design. The process used to look for flaws varies and is highly dependent on the particular component being tested. Automated scanning tools occasionally fail to report some vulnerabilities. Therefore, manual verification does not rely on automated scanning. A testing methodology that solely relies on automated scan results can give a false sense of security. Automated scanning tools often report false positives reported vulnerabilities that are not actually present. For vulnerabilities discovered through automated scanning, manual verification ensures report findings are accurate and that the vulnerabilities reported are an accurate representation of your environment. Without this often-overlooked step, time may be wasted attempting to remediate vulnerabilities that don t exist. SecureWorks Confidential Page 2

The exploitation phase of the penetration test focuses solely on establishing access to a system or resource by bypassing security restrictions. The main focus is to identify the main entry point into the organization and to identify high-value target assets. Ultimately, the attack vector should take into consideration the success probability and highest impact on the organization. Systems were assessed and exploited to the extent described in the methodology. The IP address in scope for this engagement was a test host provided by RoboCyberWall. The device appeared to only be running two services: HTTPS and SSH on a non-standard port. The HTTPS server installed was the main target as that was the basis of this engagement. SecureWorks began this engagement by utilizing open-source tools as well as proprietary scanners to find open ports or any potential vulnerabilities in the host provided by RoboCyberWall. One of these tools is the famous Network Mapper(nmap) tool: nmap -v -sv -Pn -n -p- -oa results 165.227.116.82 SecureWorks only observed two open ports running at the time of testing: 443/tcp and 2020/tcp SecureWorks began the manual testing phase of the engagement by attempting to find any applications installed on the host s HTTPs server. Several open-source tools were used during this phase including nikto and dirb: SecureWorks was unable to find anything useful from these scans. SecureWorks concluded testing without identifying any additional significant findings. Any additional details for findings are documented below. SecureWorks Confidential Page 3

The following set of tables lists key findings identified during the assessment, describes their severity, provides a remediation plan, and lists additional information where applicable. During the period of the assessment, no critical-severity vulnerabilities were identified During the period of the assessment, no high-severity vulnerabilities were identified During the period of the assessment, no medium-severity vulnerabilities were identified During the period of the assessment, no low-severity findings were identified During the period of the assessment, no informational-severity findings were identified At the time of the assessment, the following systems and services were identified: IP Hostname Port Service 165.227.116.82 downloads.robocyberwall.com 443/tcp RCW_Web 2020/tcp OpenSSH SecureWorks Confidential Page 4

Appendix A: Key Terms The following table defines SecureWorks Severity Ratings as used throughout this report. SecureWorks Confidential Page 5

Severity Critical Attributes Evidence of previous compromise (active incident). Exploitation results in a disclosure of sensitive information or can pose a severe impact to Client s reputation. Business Critical systems are heavily impacted, with the ability to alter information or change system settings. The issue described resulted in a complete system compromise that gave the attacker the highest-level user privileges on the system. The vulnerability resides directly on business critical systems. Exploitation is trivial with publically available exploit code, or no exploit code is needed. No authentication is required to exploit the vulnerable service or application. Client has no countermeasures in place to defend against this successful attack, or the deployed countermeasures were ineffective. High Exploitation may result in a disclosure of sensitive information, or may impact Client s reputation. The issue described results in user-account or system compromise. Exploitation is trivial with publically available exploit code, or no exploit code is needed. No authentication is required or authentication is easily guessed/bypassed. Client has no countermeasures in place to defend against this successful attack, or the deployed countermeasures were ineffective. Medium Exploitation may result in the disclosure of a limited amount of moderately sensitive information. Exploitation requires a skilled attacker. Exploitation is non-trivial, and known exploit code either does not exist, or needs to be heavily modified to work effectively. Client has countermeasures in place that might impede this attack. Another attack vector is needed for successful exploitation, such as: Client interaction Social Engineering Network or system misconfiguration Low Critical client information/data is not directly at risk. Requires several additional attack vectors, or one very complicated/rare vector, such as: Control of the client system s internet connection Man-in-the-Middle access Previous compromise of a system Insider access/knowledge Exploitation is extremely difficult and/or time and resource intensive. Client has countermeasures in place that prevent exploitation. Informational Information that may be of interest to an attacker. May provide data that can be used in conjunction with another attack. Can aid in a higher-severity vulnerability. SecureWorks Confidential Page 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback