Vulnerability scanner.

Vulnerability scanner.

Vulnerability scanner

A vulnerability scanner is a software or hardware tool used to diagnose and monitor network computers. This device allows you to analyze the security of networks, computers, and applications to detect possible problems in the security system. A vulnerability scanner operates in the field of assessment and troubleshooting. A vulnerability scanner checks various applications in the system for weak points that can be used by hackers to successfully hack the computer. Among such software tools, low-level tools are also distinguished, for example, computer port scanner — to identify and analyze possible applications and protocols running on the system. Security Analysisis a simple, four-step process: first, the scanner detects active IP addresses, open ports, running operating system and applications. The second step is to generate a security status report, then attempt to determine the level of potential intrusion. The final step may involve testing the detected vulnerability of the operating system or applications, as a result of which security analysis systems may cause the operating system or applications to fail. This feature of scanners is based on the fact that computer scanning softwarecan be malicious or useful. Useful ones stop their actions at the second or third stage, but never lead to a system failure. The classification of vulnerability scanners implies the following conditional types: computer port scanner; scanners that examine the topology of a computer network; scanners that examine the vulnerabilities of network services; network worms; CGI scanners that help detect vulnerable scripts.

Computer port scanner

— a software tool designed to search for network hosts that have certain ports open. These programs are typically used by system administrators to check the security of their networks and by attackers to hack into networks. A search can be made for a number of open ports on one host, or for one specific port on many hosts. The latter is typical for the activity of a number of network worms. The diagnostic process is called port scanning. Computer port scannercan be the first step in the hacking or hack prevention process, helping to identify potential attack targets. With the help of appropriate tools, services running on a machine can be investigated, their version numbers and the operating system used can be determined by sending data packets and analyzing the responses. The most common open port scanner– TCP/IP protocol. Services located on hosts are addressed by two identifiers: an IP address and a port number. There are 65536 possible port numbers. Most services use a limited set of port numbers; a port number is assigned by the IANA organization if a service becomes significant enough. Port scanning software is implemented in one of the well-known diagnostic indicators: Open, or connection accepted — the host has sent a response confirming that the host accepts connections on this port; Closed, forbidden: the host has sent a response indicating that connections on this port will be rejected; blocked, filtered: no response from the host.

Port Scanner

Includes a classification of problems associated with open ports, which is represented by the following positions: security and stability problems associated with the functioning of programs that provide services; security and stability problems associated with the operating system running on the host. Closed ports can pose a danger only under the second point. Blocked ports, at present, do not pose a real danger.