Q. Who/what is EMMAN?
A. EMMAN Ltd is the East Midlands Metropolitan Area Network. It is a company limited by guarantee and is a not-for-profit organisation jointly owned and run by eight UK East Midlands Universities.
EMMAN owns and runs a high bandwidth Regional Network whose primary purpose is to deliver connectivity to the SuperJANET network and the Internet for the Higher Education Institutions, Further Education Institutions, Specialist Colleges and other institutions across the East Midlands region. The network is managed by EMMAN Ltd under a contract with JANET(UK) who operate SuperJANET.
EMMAN also provides Internet connectivity separate from SuperJANET and wishes to develop communications within the region to encompass a broader range of customer including libraries, schools, local authorities, Small business enterprises and lifelong learning organisations.
Further Information about EMMAN Ltd can be found here: www.emman.net
Q. What types of pentesting certification are there (in the UK)
A. There are three main bodies who certify penetration testers. These are CHECK, Crest and TigerScheme. Further details on these can be found here.
Q. What is the accreditation behind the automated penetration testing service?
A. The partner company who provide the automated penetration testing service are CREST/CHECK accredited
Q. Can I request a free trial of the automated penetration testing service?
A. If you wish to have a free single IP trial of the automated penetration testing then you can contact a member of the ESISS staff via the web contact form (http://www.esiss.ac.uk/contact-us/), or by the contact details on the side panel.
Q. What output is produced by the automated penetration testing service?
A. The scanner produces a summary of the results in either pdf or xml format. Contact a member of the ESISS team for a sample report .
Q. What type of testing does the automated penetration testing service carry out?
A. The scanner carries out two types of testing.
- Infrastructure tests, which consist of:
- NMAP of the host to check open ports/service types
- AMAP probe of open ports found by NMAP
- DNS digging for information about the host/netblock
- Vulnerability tests against the open ports discovered. These are aimed at finding common security problems and are “safe” checks so as to not cause undue problems with the hosts being checked
- Web Application tests, which consist of:
- Each defined website is crawled to map out the content
- A forced browsing scan is performed to test for common issues found in the OWASP top 10 (https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project), eg email address harvesting, browsable dirs, writeable dirs through to SQL injection, XSS, etc.
Q. Is the automated scanner a suitable replacement for vulnerability assessment tools such as Nessus?
A. The automated scanner does incorporate Nessus to carry out infrastructure tests but should not be treated as a replacement for Nessus as, very selective plugins are only used to detect specific information which feeds into some of the other tests.
Q. I’d like to setup an infrastructure scan for my whole Class B (/16) IP range for the university in one scan?
A. Although it is possible to setup a scan for the whole IP range setup for the organisation, it is advisable to setup multiple scans for blocks of IP addresses as this enables the scanner to assess and return the results quicker which would otherwise take large amounts of time to complete. The scan report for theses chunks of addresses would be comprehensible rather than running into hundreds of pages.
Q. How many scans can i schedule for my organisation at one time?
A. There are no limits on the number of scans you can schedule.Due to nature of most of the tests the scanner performs, which run into multiple threads simultaneously, we normally advise our customers to schedule 3 scans at a time which is perceived to use the available resources most efficiently.
Q. What types of best practice advisory do you provide?
A. Our best practice advisory is aimed at providing professional advice in various areas such as procuring Information security systems, design and development of policies and procedures. Key benefits include experience of best use cases seen in the education sector, expert knowledge and ability to assist in all phases of the project. E.g. procurement and implementation of an SIEM system for university wide IT functions.
Q. How are the tests split up on the Reputation Dashboard?
A. The tests are split in to two types, Marketing and Technical.
Q. What are the current “Marketing” tests in the Reputation Dashboard?
A. Current Marketing tests are:
- Bebo
- Blogosphere
- News Sites
- Wikipedia
- TheStudentRoom.ac.uk
- WhatUni.com
- RateMyProfessor.com
- IRC/ICQ Chat Channel Search
- Graduate Job Forums
- eBay Searching
- International Searching
Q. What are the current “Technical” tests in the Reputation Dashboard?
A. Current Technical tests are:
- Web Server Directory Indexes
- Default Web Server Installs
- Default Web Folders
- Web Stats
- RBL Checks
- Open SMTP Relay Checks
- Recursive DNS Checks
- Web Forgery
- Vulnerable Gallery Installs
- Vulnerable WordPress Installs
- Vulnerable MyPHPAdmin Installs
- Google Safebrowsing
- Streaming Media Open Nodes
- User Credential Loss
Q. Can I have a trial of the reputation Dashboard?
A. Unfortunately this service is currently not available to new customers.
Q. What are ESISS standard Terms and Conditions?
A. Our standard Term and Conditions can be found here: https://www.esiss.ac.uk/wp-content/uploads/2011/04/MASTER-SERVICES-AGREEMENT-v1-1.pdf
Q. What are ESISS Service Level Agreements?
A. Current SLAs are:
- External Network Anomaly Detection Service
- Reputation Dashboard Service
- Automated Penetration Testing Service
- Network Healthcheck
Q. How can I keep up to date with ESISS activities and Security Information?
A. There is a RSS feed of the blog on this site here: https://www.esiss.ac.uk/feed/ and ESISS also have a twitter account which can be found here: https://twitter.com/esiss_uk. These links are also available on the footer of this page.