External Vulnerability Assessments
LARG*net is offering to our membership free external vulnerability assessments. Email us at security@largnet.ca to sign up.
What we are doing?:
1. We take your public IP addresses and we scan every single one, we assume every IP is in use and scan every TCP port and the top 100 UDP ports.
2. Upon discovery of a service being available on any port. We try to identify the service by looking at versioning if possible. Which generally speaking works, but sometimes versioning isn’t available and more in depth measures are needed to identify the service.
3. From there we look at the individual service found. For example a web server on port 443, We launch safe checks looking for CVE listed vulnerabilities. These are listed as ‘unable to stop or damage a service’
3.1. The limitation in only testing for safe vulnerabilities is that we will miss potential vulnerabilities that will stop or damage a service. We can enable this higher risk option at your request.
3.2. In contrast, these public services are being scanned in exactly the same way by various other hackers. Those people are not concerned with potential risks of stopping or damaging services. Ideally your external services are secure enough to withstand this degree of scan.
3.3. Food for thought, have you had old unpatched server available to the internet that inexplicably crash? You then have automated or have to manually turn those services back on? This is most likely hackers hitting the service and causing it to crash.
4. Our scans are done without any credentials. We don’t attempt to brute force any logins.
5. When the scan completes it generates a report which we will forward to you.