

External Network Penetration Testing
Many providers perform external network penetration testing, yet few do it right. We'll find the risks that have been hiding from you.
Protecting Your Network from External Threats
An external network penetration test focuses a manual breach simulation on your public-facing IPs. These IPs are always exposed to potential attacks and represent your front door to attackers all over the world. Though most customers provide their IP addresses up front, Raxis can also use discovery techniques to find them ourselves — just as a malicious hacker might.
Our engineers approach an external penetration test the same way bad guys will attempt to breach your network. We start by taking a close look at your outward-facing IPs and internet-facing systems (including ones that are cloud-hosted), then use our hacking skills to try to safely breach your perimeter.
This is not a vulnerability scan. Our testers don’t stop with identifying weak points in your perimeter. They will actively work to exploit vulnerabilities and attempt to gain unauthorized access to your network. And, at your discretion, they will continue into your network if they gain a foothold.
Does my company need an external network penetration test?
If you have externally facing systems, yes. That’s true whether you only have a simple, customer-facing site or a large external presence that includes file transfer services, SaaS sites, and customer-facing APIs… or anything in between. A Raxis external network penetration test can show you where your weaknesses are and where you need more resources to keep hackers out.
If I’ve had an internal network test, do I still need an external network penetration test?
Raxis strongly recommends having both. That’s because most companies don’t know everything they have exposed externally. We often find that someone rushing to get their job done may focus most on getting things working . . . and not on securing them. Here are a few examples the Raxis team has found in the course of our work:
- Security cameras showing building entrances and exits, some of which were propped open or never locked. Because no credentials were required to access the cameras, anyone on the internet could view them at any time.
- Cash drawers that could be opened remotely by a hacker using default credentials available for free on vendor websites.
- Telnet and FTP services that require no credentials and allow malicious file uploads.
- Exposed administrative pages, often requiring only easily discovered default credentials, that allowed Raxis to view and edit high-level device settings — and even sensitive customer and system data.
- Web login pages that revealed which usernames were valid and didn’t block brute-force attacks. This enables malicious actors to use easily accessible technology and test billions of potential password combinations per second. Weak ones can be cracked in an instant.
An external network penetration test from Raxis can reveal network vulnerabilities like these before malicious hackers exploit them.
If I’ve already had a web app test, is an external network penetration test needed? Could the tests be performed together?
Yes and yes. These are two very different tests, even though they may involve the same system.
A web app test is usually credentialed and focuses thoroughly on the application itself, placing less emphasis on other open ports and potential issues on the system. This allows the tester to delve in and focus on the application’s business logic and possible coding gaps versus the system hosting the application.
An external test includes web applications, to be sure, but it does not delve into them (unless the pentester finds a way in through SQL Injection or another critical vulnerability). An external test focuses on discovering any gaps in your external network and exploring what exploits they could lead to.
Separate or combined external network and web application tests are both valid and useful. A combined test can help you work within a budget. Separate tests provide separate reports, which may be helpful if your team reports the findings to different stakeholders.