DMZ Based Tests

Demilitarized (DMZ) Penetration Testing will provide an organisation with an in-depth assessment of the applications & resources available from machines that attach to the DMZ network. These forms of tests do not test the strength of Firewall or other Perimeter Security devices. Instead, they concentrate on Operating System & Application Services configuration, whilst reviewing how these resources interact with other Internet and Internal / DMZ based networks.

Demilitarized Network Testing provides an organisation with an accurate assessment of the build quality of DMZ attached devices. As well as observing ports, services and applications that are reachable over the Internet, DMZ tests will also assess the services and resources that are not published to Internet based users. This provides an organisation with a much more holistic review of their overall security posture.

DMZ tests deliver both a high-level management review document as well as an in-depth technical security analysis document. In addition, Nettitude can provide a regulatory tick-sheet that provides gap analysis between your DMZ infrastructure and industry recognised best practice.

• Vuln: KSP '.m3u' File Buffer Overflow Vulnerability
• Vuln: Apache HTTP Server Multiple Remote Denial of Service Vulnerabilities
• Vuln: Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability