|
A vulnerability scanner is a program that performs the diagnostic phase of a vulnerability analysis,also known as vulnerability assessment. Vulnerability analysis defines,identifies, and classifies the security holes (vulnerabilities) in acomputer, server, network, or communications infrastructure. Inaddition, vulnerability analysis can forecast the effectiveness ofproposed countermeasures, and evaluate how well they work after theyare put into use. A vulnerability scanner relies on a database that contains allthe information required to check a system for security holes inservices and ports, anomalies in packet construction, and potentialpaths to exploitable programs or scripts. Then the scanner tries toexploit each vulnerability that is discovered. This process issometimes called ethical hacking. An ideal vulnerability scanner has capabilities such as the following: - Maintenance of an up-to-date database of vulnerabilities.
- Detection of genuine vulnerabilities without an excessive number of false positives.
- Ability to conduct multiple scans simultaneously.
- Ability to perform trend analyses and provide clear reports of the results.
- Recommendations for countermeasures to eliminate discovered vulnerabilities.
If security holes are detected by a vulnerability scanner, a vulnerability disclosuremay be required. The person or organization that discovers thevulnerability, or a responsible industry body such as the ComputerEmergency Readiness Team (CERT), may make the disclosure, sometimesafter alerting the vendor and allowing them a certain amount of time toremedy or mitigate the problem.
Last updated on: Jul 04, 2006
|
