Vulnerability Testing: How Vulnerability Scanning Works

Vulnerability scanning programs are designed to identify holes and weaknesses in a network. Scanners include features that assist with repairing vulnerabilities before hackers have the chance to exploit them.

There are hundreds of vulnerability scanners on the market, from free versions to commercial versions. They scan your network from the outside, as a hacker would when trying to identify network vulnerabilities. The difference is that a vulnerability scanner not only identifies the vulnerability but often offers advice on how to repair it.

How Vulnerability Scanning Works

Vulnerability scanners work in the same manner as antivirus programs do by using databases that store descriptions of different types of vulnerabilities. One problem with this method is that the scanner will only scan for the vulnerabilities that are known by the database. Although the database is constantly updated, there is still a small chance of a vulnerability being overlooked.

With that said, vulnerability scanning begins with scanning the network and identifying pertinent information such as the type of operating system and applications that are installed. It collects all of this information from the network and organizes it into a report for prioritizing the information.

It uses this information as criteria for scanning all of the network system ports, identifying any password breaches, detecting any suspicious applications or services, and determining whether any service packs or security fixes are missing. A vulnerability scanner also identifies malware, monitors remote access, and identifies any coding flaws which may have occurred.
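
The following Python sketch is an added example, not taken from any particular scanner: it matches a constructed service inventory against a constructed vulnerability database, ranks the findings by severity, and lists the services the database cannot judge. The product names, EXAMPLE-* identifiers, addresses and severity scores are all assumptions made up for illustration.

```python
import re

# Constructed vulnerability database; IDs and product names are placeholders.
VULN_DB = [
    {"id": "EXAMPLE-0001", "product": "samplehttpd", "fixed_in": "2.4.10", "severity": 9.8},
    {"id": "EXAMPLE-0002", "product": "samplessh", "fixed_in": "8.1", "severity": 5.3},
    {"id": "EXAMPLE-0003", "product": "samplehttpd", "fixed_in": "2.2.0", "severity": 7.5},
]

# Constructed inventory, standing in for the output of the discovery phase.
INVENTORY = [
    {"host": "10.0.0.5", "port": 80, "product": "samplehttpd", "version": "2.4.9"},
    {"host": "10.0.0.5", "port": 22, "product": "samplessh", "version": "8.4"},
    {"host": "10.0.0.7", "port": 8080, "product": "customapp", "version": "1.0"},
    {"host": "10.0.0.7", "port": 22, "product": "samplessh", "version": "7.9p1"},
]

def parse_version(text):
    """Return the leading dotted-numeric part as a tuple, e.g. '7.9p1' -> (7, 9)."""
    match = re.match(r"\d+(?:\.\d+)*", text)
    return tuple(int(p) for p in match.group().split(".")) if match else None

def is_older(installed, fixed):
    """Numeric comparison, zero-padded so (2, 4) equals (2, 4, 0)."""
    width = max(len(installed), len(fixed))
    return installed + (0,) * (width - len(installed)) < fixed + (0,) * (width - len(fixed))

def scan(inventory, db):
    """Return (findings sorted by severity, services the database cannot judge)."""
    known_products = {entry["product"] for entry in db}
    findings, uncovered = [], []
    for svc in inventory:
        installed = parse_version(svc["version"])
        if svc["product"] not in known_products or installed is None:
            uncovered.append(svc)  # no signature available: not the same as "safe"
            continue
        for entry in db:
            fixed = parse_version(entry["fixed_in"])
            if entry["product"] == svc["product"] and is_older(installed, fixed):
                findings.append({**svc, "id": entry["id"], "severity": entry["severity"],
                                 "advice": f"upgrade {svc['product']} to {entry['fixed_in']} or later"})
    findings.sort(key=lambda f: f["severity"], reverse=True)
    return findings, uncovered

if __name__ == "__main__":
    findings, uncovered = scan(INVENTORY, VULN_DB)
    for f in findings:
        print(f"{f['severity']:>4} {f['host']}:{f['port']} {f['id']}: {f['advice']}")
    print("no signature for:", [s["product"] for s in uncovered])
```

The customapp service produces no finding only because the database has no entry for it, which is the limitation of database-driven scanning described above.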

Why Use a Vulnerability Scanner

The use of a vulnerability scanner often gets confused with other network security tools such as a firewall or intrusion detection system. It is important to note that these other security tools are still necessary when employing a vulnerability scanner.

The functions that a vulnerability scanner performs are different from those that a firewall or intrusion detection system performs. For example, when compared to an intrusion detection system, the vulnerability scanner identifies possibilities for attacks, whereas an intrusion detection system identifies the actual attack after it has occurred. When compared to a firewall, a vulnerability scanner will simply identify the holes in the network, whereas a firewall will prevent exploitation.

Vulnerability scanning contributes only one component to a good network security plan. It is important to use the other components discussed to reinforce network security. Many organizations that do not employ a vulnerability scanner fail to identify the weak parts of the network before they are exploited.

Meanwhile, hackers are diligently working to scan the network for vulnerabilities and inevitably end up exploiting the hole before the organization realizes it was there. This is why it is essential for IT administrators to employ an effective security strategy which includes all of the security components described here.

