Vulnerability scanners are software or hardware tools used to diagnose and monitor network computers, which allows you to scan networks, computers and applications to detect potential security problems, and evaluate and fix vulnerabilities.
Vulnerability scanners allow you to test various applications in the system for the presence of "holes" that can be exploited by cybercriminals. Low-level tools, such as the port scanner, can also be used to identify and analyze the possible applications and protocols that are running on the system.
Types of Vulnerability Scanners
The vulnerability scanner can be divided into 4 steps:
- Usually, the scanner first detects active IP addresses, open ports, the running operating system and applications.
- A safety report is generated (optional step).
- Attempt to determine the level of possible interference in the operating system or application (may cause a failure).
- At the final stage, the scanner can exploit the vulnerability by causing the operating system or application to crash.
Scanners can be malicious or "friendly". The latter usually stop in their actions in step 2 or 3, but they never reach step 4.
Among the vulnerability scanners are:
- Port Scanner
- Scanners investigating the topology of a computer network
- Scanners investigating the vulnerability of network services
- Network worms
- CGI scanners ("friendly" - help to find vulnerable scripts)
The top ten in the opinion of insecure.org vulnerability scanners (2006):
- Nessus: Vulnerability assessment for UNIX
- GFI LANguard: A commercial network vulnerability scanner for Windows
- Retina: Commercial scanner for vulnerability assessment
- Core Impact: Automated product for testing unauthorized intrusion into the system
- ISS Internet Scanner: Application-Level Vulnerability Assessment
- X-scan: Scanner for researching network vulnerabilities
- Sara: Security Auditor's Research Assistant
- QualysGuard: Vulnerability Scanner (Web Service)
- SAINT: Security Administrator's Integrated Network Tool
- MBSA: Microsoft Baseline Security Analyzer
Other known vulnerability scanners:
- ERPScan SAP Security Scanner