Inexpensive, effective mixed-platform Network Security using Linux-based solutions. 

 
Horizon Network Security™
phone: +1 770-662-8321, email: support@VerySecureLinux.com

 
Security Audits

Security Audits

Comprehensive security audits of networks and systems

We can provide a comprehensive system audit that includes the following and correct any problems or recommend changes:

Services Analysis

Most Linux systems have a wealth of software installed and running. Many of these are considered insecure. We identify and remove unneeded services, greatly reducing the likelihood of a break-in. Frequently clients do not even realize that they are running insecure yet unused services. This is because all popular Linux distributions install these services automatically without even warning you about the security dangers.

Is your system being used to crack another system? One customer recently received a call from a foreign government as the customer's compromised systems were being used to attack that government's computers. We offer egress filtering when we install Firewalls. This prevents any of your compromised systems from being used to attack other organizations or other parts of your organization.

Many cracker tools include programs that listen on a known port for commands from the cracker. Their existence is usually masked by installing Trojaned system commands like 'inetd', 'ps', and 'netstat'. The tools we use for detecting services running are of our own design and construction, and have gone through several security audits done by outside auditors. They will find the Trojans.

Network scan

We can scan your network the way the crackers do. The quick non-destructive procedure will determine what they can see and therefore attack. We can also do a more in-depth scan that will analyze for old versions of servers and operating systems including Windows, Linux, Macs and Unix. Most clients are shocked by what is accessible from the Internet and how vulnerable they are. This is a valuable starting point for securing the network and making non-servers invisible.

Check file permissions

We check all files on your systems for incorrect permissions and ownership that will allow unauthorized access to your system or viewing or changing of confidential data. Even a standard install from a recent Linux distribution will have files with incorrect permissions.

Known Exploit Check

Many Linux and Unix systems are compromised because they are running software that have known exploits. Is your software current? Horizon is familiar with all popular versions of Linux and is an active member in the security community. We wear white hats. Our audit includes an extensive review of your distribution and can apply any and all security related patches and upgrades, with your permission, of course.

Services dispersal and configuration for better security

Some services are more likely to be broken into than others. Running these services on the same system with other services that are more critical or which involve confidential or important data risks these other services being compromised too. Moving these "risky" services to different systems will protect the other services against compromise. Sometimes all that is required is minor configuration changes to existing systems to protect against this compromise "domino" effect.

Trojan Detection

Our familiarity with the wealth of Linux distributions available has allowed us to develop kits that quickly match file sizes and checksums of key system commands to determine if they have been compromised by a system cracker.

A common cracker technique is to install Trojaned system commands that send sensitive data to the cracker, or mask the existence of cracker tools.

Virus Detection

While Linux does not suffer the vast security problems that plague Windows (TM) systems, it is not immune. The first high profile worm was developed on Unix systems and replicated through the mail system. The Raman Linux worm has attacked Red Hat systems, causing web servers to be defaced and made useless until repaired.

Is your system secure? A few minutes of detection each day can save you hours of reconstructive work and embarrassing publicity later. Horizon Network Security can help you choose and install the right solution for your requirements.

Interactive Web Script Analysis

Many exploits of web sites are facilitated through insecure web scripts. The staff at Horizon Network Security will examine your scripts for vulnerabilities. In addition to the C and C++ programming languages, we have expertise in Java, Perl, PHP, Python, Shell and several other popular scripting technologies.

Written report suitable for executive-level viewing

text here

 

 

Top