Recently an infrastructure vulnerability test was conducted on one of the numerous setups we manage. For this test the live environment was replicated with a dedicated web server and database server. The hardware firewall remained the same (for both production and test).
The Principal Security Concerns ("PSCs") that were addressed via testing activities were as follows:
- [PSC1] Whether the hosts under review are securely configured and are not vulnerable to attack.
- [PSC2] Whether the hosts under review have up to date software installed.
- [PSC3] Whether anti-virus software is installed and configured correctly.
- [PSC4] Whether the boundary protection devices will resist external attack.
- [PSC5] Whether the firewall policy contains any rules that could be regarded as promiscuous.
- [PSC6] Whether the firewall policy contains any verbose service groups with regard to hosts/network and port exposure.
- [PSC7] Whether the devices under review have up to date vendor firmware.
- [PSC8] Whether the switches and routers under review contain any configuration elements that would be considered to deviate from best practice.
As expected, we were given a clean bill of health, with some minor low-priority issues of the kind expected in any system, some of which can be marked as information rather than as issues. In our next post we will give the top 5 recommendations for server administrators.