Vulnerability Scanning Essay

1411 words - 6 pages

This paper is being furnished to provide the CIO with a technology evaluation of vulnerability scanning. The information provided will ensure that the CIO has the required information to make the best decision with regard to this technology. This paper provides a brief overview of vulnerability scanning, its many forms, the types of scanners available, the advantages and disadvantages, and the costs involved.

Introduction
Vulnerability scanning is an automated process conducted by an organization’s IT staff to identify any vulnerabilities that its information systems might possess, and it is used to help “secure your own network” (Bradley). It is also used by hackers who are conducting reconnaissance on an organization’s network to find any vulnerability that they might exploit. The next few pages provide information on vulnerabilities, the many different forms of vulnerability scanning, the different types, pros and cons, and costs.
Vulnerabilities
Vulnerabilities occur when corrupted code or misconfigured hardware is present on a network. This is why it is important for an organization to have an effective vulnerability assessment plan that includes regular scans of the network and annual penetration tests. These scans are very important to prevent hackers from “utilizing these flaws to gain access to your machines” (Houghton, 2003). An excellent source for “summaries, technical details, remediation information, and lists of affected vendors” (US-CERT) is the Vulnerability Notes Database. Please view Appendix B for current threats.
What Are The Forms of Vulnerability Scanning?
Just like any other security tool or software available, vulnerability scanning comes in many different forms. Each of these methods performs a specific task to help an organization determine the security of its networks.
External
According to Secure State, an external vulnerability scan gives the organization an overall picture of any vulnerabilities that are present on an external network. This is used to help protect the organization’s information systems from attacks that utilize their “publicly accessible systems” (NWN Corporation). These information systems are the most susceptible to attack because of their connection to the World Wide Web (WWW). This means that it is important that a vulnerability scan be conducted regularly to ensure a secure system (Appendix A).
Internal
According to NWN Corporation, an internal vulnerability scan is designed to identify any vulnerabilities that an organization might have within its internal network. These types of vulnerabilities are usually exposed to attacks from within an organization’s network, by either employees or any other individual who has access to the internal network.
Active
Active vulnerability scanners send active signals throughout the network and evaluate the responses that are received. These responses will help to identify any...
