Network Vulnerability Scanning

Network Vulnerability Scanning

Vulnerability scanning is an inspection of the potential points of exploit on a computer or network to identify security holes.

A vulnerability scan detects and classifies system weaknesses in computers, networks and communications equipment and predicts the effectiveness of countermeasures. A scan may be performed by an organization’s IT department or a security service provide, possibly as a condition imposed by some authority.  An Approved Scanning Vendor (ASV), for example, is a service provider that is certified and authorized by the Payment Card Industry (PCI) to scan payment card networks. Vulnerability scans are also used by attackers looking for points of entry.

A vulnerability scanner runs from the end point of the person inspecting the attack surface in question. The software compares details about the target attack surface to a database of information about known security holes in services and ports, anomalies in packet construction, and potential paths to exploitable programs or scripts. The scanner software attempts to exploit each vulnerability that is discovered.

Running a vulnerability scan can pose its own risks as it is inherently intrusive on the target machine’s running code. As a result, the scan can cause issues such as errors and reboots, reducing productivity.

There are two approaches to vulnerability scanning, authenticated and unauthenticated scans. In the unauthenticated method, the tester performs the scan as an intruder would, without trusted access to the network. Such a scan reveals vulnerabilities that can be accessed without logging into the network. In an authenticated scan, the tester logs in as a network user, revealing the vulnerabilities that are accessible to a trusted user, or an intruder that has gained access as a trusted user.

According to security consultant Kevin Beaver, the best plan is to conduct both types of scans: “Until you test your systems from every possible angle, you simply cannot say with reasonable certainty just where things stand with security”.

 


    • Related Articles

    • Web Application Vulnerability Scanner

      Hello Ladies & Gentleman, Here we came with the new topic `Web Application Vulnerabilities` and how do we scan it using the tool. So without any delay lets get to the topic What is Web Application Vulnerability ? The vulnerability is a weakness which ...
    • Vulnerability Assessment Checklist

      A vulnerability assessment is a process that identifies and assigns severity levels to security vulnerabilities in Web applications that a malicious actor can potentially exploit. The assessment is conducted manually and augmented by commercial or ...
    • Top Mistakes when Performing a Web Vulnerability Assessment

      Last year, according to security vendor Secunia, statistics says the no of vulnerabilities detected in commercial software’s found over 15500 in total 3870 Products. Unfortunately, many vulnerabilities remain open for many weeks, or even years as ...
    • RESTAPI Vulnerability Scanner

      Hi, This post is regarding VOOKI – RESTAPI Vulnerability Scanner. Before you learn about RESTAPI Vulnerability Scanner. You need to learn few things please read below. First, we learn about what is Web Service? WEB SERVICE: A web service is a ...
    • How to improve Web Application Security

      Web application security is one major element in web app development that that often gets overlooked. It’s understandable. Business websites and applications need to be as accessible yet robust as possible, but this presents a huge range of security ...