Ethical security testing is performed by our experts in coordination with the
customer and in accordance with the customer's requirements for each engagement.
Its objective is to explore the security loopholes and inadequacies in the
customer's system.
Ethical hacking steps
Social engineering
Its objective is to collect information on the customer's system through different
channels. Many people think that intrusions into a computer network originate
in system errors exploited by intruders. In reality, however, the security of a
system is threatened not only by errors in the system's components but also by
inadequacies in the other elements that make up the system, such as human
resources and physical security. Information gained through employees quite often
helps an attacker bypass security barriers such as firewalls or intrusion
detection systems. The credulity or lack of alertness of computer users often
makes intrusion into a protected system easy, even when the attacker has no
authorized access at all.
Technical information technology testing
The technical security checking, comprising the following activities, is performed
on the basis of the information gained through social engineering.
External intrusion testing
In the course of external intrusion testing a simulated attack is performed
against the customer's network, aiming mainly at discovering system errors.
The testing uses tools that are accessible to anyone, so that the generality of
the test is ensured. Continuous contact is kept between the representatives of
the two companies in order to coordinate specific points. The testing can be
divided into several stages, such as mapping, passive exploration, general
low-risk testing, and specific high-risk testing.
Synergon Information Systems Plc. keeps a journal of each step of the performed
tests so that the events can be traced exactly during any future control tests.
The test results are interpreted and handed over as a report that contains not
only the discovered problems and inadequacies but also their solutions. The test
results are also attached as appendices to the document, together with the
recommendations required for correction.
Internal system testing
In the course of this testing, Synergon Information Systems Plc.'s experts aim
at mapping the system and its vulnerable points from the customer's internal side.
An unauthorized intruder attacking from outside either stops after a successful
intrusion or begins a systematic mapping of the internal system. Synergon
Information Systems Plc. starts the system testing with knowledge of the basic
system, since an external attacker may come across any kind of information and
employees may also have extensive knowledge of the systems.
Unfortunately, a significant proportion of attacks start from within the
company's own network. Therefore, in the course of the testing, information is
gathered from the internal network, taking into account that the tested network
is an internal one. Although the smooth running of internal work must also be
respected, everything must be tested systematically, which may take a relatively
long time because of the size of the network or the systems in use. External
testing concerns only a few machines that are under complete supervision, while
the devices located on an internal LAN often meet only less stringent
requirements.
Server and network resource testing
This phase carries the lowest risk factor of the testing. The implemented
network is scrutinized together with a review of the entire documentation. This
is based on personal consultation: Synergon Information Systems Plc.'s experts
appear on site and inspect the settings of specific software. This requires the
constant presence of an expert on the customer's side who has adequate knowledge
of the system and the rights and authorizations to provide information on the
use of the devices under inspection and to grant the required authorization to
the person performing the testing. Documentation is compiled as a result of the
testing on the condition of the system(s), together with recommendations for
modifications. The testing only makes recommendations and does not modify the
system unless authorized to do so in writing. The test results can be compared
with the system documentation and provide a good basis for a procedural audit.
The testing mainly covers firewalls, servers and routers, and on request
workstations as well.