
Friday, 6 August 2010

The Essential Guide to Vulnerability Scanning


While it's important to link business networks to the Internet for the free exchange of information, a Net connection also opens the door to potential security breaches by malicious attackers. Fortunately, there's a way to protect your network's susceptible areas. Vulnerability scanning utilizes technology that seeks out security flaws and tests systems for weak points. Most scanning systems generate a report of their findings so that a business can use the information to tighten its network's security. Though it usually refers to the practice of scanning Internet-linked networks, vulnerability scanning can also be applied to system audits conducted on internal networks that assess the threats posed by rogue software or malicious employees.

          Regards: Hackfreak


Many enterprises only perform vulnerability scanning as part of an overall security audit – perhaps as infrequently as once a year. This is a big mistake; not only do networks and network connections get updated far more frequently, but new vulnerabilities are discovered weekly. For a larger organization, it's important to make vulnerability scanning a part of a regular security analysis with much more frequent scanning. 
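One way to put frequent scanning to work is to compare each scan against the previous one and review only what changed. The sketch below is an added example, not part of the original post: it parses Nmap's grepable output (`-oG`) from two runs and reports ports that opened or closed in between. The scan text is constructed sample data using documentation addresses, and the function names are hypothetical.

```python
# Constructed sample data in Nmap grepable (-oG) format; not real scan results.
BASELINE_SCAN = """\
# Nmap scan, week 1 (constructed sample)
Host: 192.0.2.10 (web01.example.test)\tStatus: Up
Host: 192.0.2.10 (web01.example.test)\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///
Host: 192.0.2.20 (db01.example.test)\tPorts: 22/open/tcp//ssh///, 5432/filtered/tcp//postgresql///
"""
LATEST_SCAN = """\
# Nmap scan, week 2 (constructed sample)
Host: 192.0.2.10 (web01.example.test)\tPorts: 443/open/tcp//https///, 8080/open/tcp//http-proxy///
Host: 192.0.2.20 (db01.example.test)\tPorts: 22/open/tcp//ssh///, 5432/open/tcp//postgresql///
Host: 192.0.2.30 ()\tPorts: 3389/open/tcp//ms-wbt-server///\tIgnored State: closed (999)
"""


def parse_grepable(text):
    """Return {(host, proto, port): service} for every port reported open."""
    open_ports = {}
    for line in text.splitlines():
        if line.startswith("#") or "Ports:" not in line:
            continue  # skip comments and Status-only lines
        fields = line.split("\t")
        host = fields[0].split()[1]  # "Host: <ip> (<name>)"
        ports_field = next(f for f in fields if f.startswith("Ports:"))
        for entry in ports_field[len("Ports:"):].split(","):
            # Each entry: port/state/protocol/owner/service/rpcinfo/version/
            parts = entry.strip().split("/")
            if len(parts) < 5:
                continue  # malformed entry, ignore
            port, state, proto, _owner, service = parts[:5]
            if state == "open":
                open_ports[(host, proto, int(port))] = service or "unknown"
    return open_ports


def diff_scans(baseline_text, latest_text):
    """Compare two scans and list what opened, closed, or changed service."""
    old, new = parse_grepable(baseline_text), parse_grepable(latest_text)
    return {
        "opened": sorted(k for k in new if k not in old),
        "closed": sorted(k for k in old if k not in new),
        "changed": sorted(k for k in new if k in old and new[k] != old[k]),
    }


if __name__ == "__main__":
    for kind, items in diff_scans(BASELINE_SCAN, LATEST_SCAN).items():
        for host, proto, port in items:
            print(f"{kind:8} {host} {port}/{proto}")
```

A host that was down during the latest scan shows all of its ports as closed, so confirm the host's status before treating a closed port as remediated.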

 

Soft Spots

Attackers looking to gain easy access to business networks use a variety of different techniques. Yet one characteristic all attackers have in common is their desire to search for a network's weak points – its soft spots – which they can then use to launch invasions with minimal effort.
Just as the average burglar looks for an unlocked home door, or a car thief scans vehicles for one with a key left in the ignition, an attacker may examine multiple networks to find the one that provides fast and simple access. This proclivity poses a unique challenge for network administrators who, in order to combat inquisitive attackers, must begin to think like an attacker.

Every new update to system and server software brings the potential for new vulnerabilities along with whatever improvements are delivered. And while these vulnerabilities are often found by teams seeking to strengthen systems and eliminate the flaws, hackers and malicious attackers receive the same reports and generate invasions as fast as the reports are made, so new vulnerabilities crop up continually.

Scanner Types

There are three major types of vulnerability scanners that businesses can use to find network soft spots:
  • Network Scanner: General-purpose scanner that scours networks for potential vulnerabilities.
  • Port Scanner: Software that is designed to search a network for open ports that attackers could use as illicit entry points.
  • Web Application Security Scanner: Enables businesses to conduct ongoing risk assessments to identify the vulnerability of Web applications to hostile attacks.

Scanner Tools

Businesses and network administrators can select from a variety of vulnerability-scanner offerings. These are some of the more popular tools:
  • Acunetix Web Vulnerability Scanner: This software suite includes a Web security scanner, crawler, report analysis tool and a database of security checks for all leading Web server platforms.
  • Cenzic Hailstorm: Cenzic's application scanner can analyze Web-application security status across departments, business units and geographies.
  • GFI LANguard Network Security Scanner: This vulnerability-management solution includes network-vulnerability scanning, patch management and auditing support.
  • Tenable Nessus 3: Compatible with various types of Unix, this product performs over 900 remote security checks and suggests solutions for security problems.
  • Nmap: Nmap is a simple port scanner delivered in the form of a free, open-source utility for network exploration or security auditing.
  • QualysGuard: Qualys Inc. claims to be the first software vendor to offer a hosted, on-demand solution for security-risk and compliance management.
  • Retina Network Security Scanner: Vendor eEye Digital Security Inc. contends that its vulnerability scanner detects both known and zero-day vulnerabilities. The product also provides a security-risk assessment that helps businesses embrace security best practices, adopt policy enforcement and handle regulatory audits.
  • SAINT Network Vulnerability Scanner: This network-vulnerability scanner is integrated with a penetration testing tool to enable users to exploit found vulnerabilities. 
