This page has been robot translated, sorry for typos if any. Original content here.

Vulnerability Scanners

Vulnerability scanners are software or hardware tools used to diagnose and monitor networked computers, allowing them to scan networks, computers and applications to detect possible security problems, assess and fix vulnerabilities.

Vulnerability scanners allow you to check various applications in the system for the presence of "holes" that can be exploited by attackers. Low-level tools, such as a port scanner, can also be used to identify and analyze possible applications and protocols running in the system.

Types of Vulnerability Scanners

Vulnerability scanner can be divided into 4 steps:

  1. Usually, the scanner first detects active IP addresses, open ports, the running operating system and applications.
  2. A safety report is being compiled (optional step).
  3. Attempting to determine the level of possible interference with the operating system or applications (may fail).
  4. At the final stage, the scanner can take advantage of the vulnerability, causing the operating system or application to crash.

Scanners can be malicious or "friendly." The latter usually stop in their actions at step 2 or 3, but never reach step 4.

Among the vulnerability scanners can be identified:

  • Port scanner
  • Scanners investigating computer network topology
  • Scanners investigating network service vulnerabilities
  • Network worms
  • CGI-scanners ("friendly" - help to find vulnerable scripts)

Software

Top Ten According To insecure.org vulnerability scanners (2006):

  1. Nessus: Assessing UNIX Vulnerabilities
  2. GFI LANguard: A Commercial Network Vulnerability Scanner for Windows
  3. Retina: Commercial Vulnerability Assessment Scanner
  4. Core Impact: Automated product for testing unauthorized intrusions into the system.
  5. ISS Internet Scanner: Application Level Vulnerability Assessment
  6. X-scan: Network Vulnerability Scanner
  7. Sara: Security Auditor's Research Assistant
  8. QualysGuard: Vulnerability Scanner (web service)
  9. SAINT: Security Administrator's Integrated Network Tool
  10. MBSA: Microsoft Baseline Security Analyzer

Other known vulnerability scanners:

  • XSpider
  • Openvas
  • ERPScan SAP Security Scanner
  • SurfPatrol