Sign In
Not register? Register Now!
Essay Available:
You are here: HomeLab ReportIT & Computer Science
6 pages/≈1650 words
6 Sources
IT & Computer Science
Lab Report
English (U.S.)
MS Word
Total cost:
$ 32.4

The Task Is About Comparison Of Vulnerability Scanners (Lab Report Sample)


The Task Is About Comparison Of Vulnerability Scanners

Comparison of Vulnerability Scanners
With the advancements in information technology, the security concern of the users in the network is increasing drastically. Various approaches have been adopted to protect respective network from un-authorized users. New innovative methods have been presented in order to identify potential discrepancies that can damage the network. Most commonly used approach for this purpose is vulnerability assessment. Vulnerability can be defined as the potential flaws in the network that make it prone to possible attack by un-authorized user. Assessment of these vulnerabilities provides a way to identify as well as develop innovative strategies in order to protect the network. Number of software applications have been introduced for this purpose. However, majority of the software developers are not fully aware of the security measures that must be introduced in these applications in order to eliminate these vulnerabilities CITATION ANe05 \l 1033 [1]. The main motive for most of these developers is to develop a software application that can run in one desired state. They mainly refuse to take into consideration the possible flaws in the programming language, the higher risk of any user of being under attack through unauthorized access. The software developed with such flaws not only makes the user vulnerable to serious attacks but also network becomes a prone factor by compromising significant security aspects of the users. Thus, it is significantly important to device innovate methodologies and strategies in the development of these software applications.
Accessing as well as eliminating the all vulnerabilities requires in depth understanding and sound knowledge about them. It becomes essential to have basic idea behind the working of these vulnerabilities like the way in which they appear in any system. One must be aware of the flaws needed to be corrected in order to free the whole system from vulnerabilities, alternatives can also be devised for this purpose and how to reduce the risk of them in a proactive manner CITATION NKh11 \l 1033 [2]. Various methods have been introduced for the identification of these vulnerabilities. Some of the methods include attack graph generation, static analysis and vulnerability scanners. This work presents a detailed study of the vulnerability scanners. It also analysis number of vulnerability scanners and make comparison of them based on their identification abilities.
Vulnerability Scanners
A Vulnerability scanner can have access to a variety of vulnerabilities across complete information systems including network systems, software applications, computers and operating systems. It must be able to identify the vulnerabilities that could have originated from system administrator activities, vendors or even everyday user activities. Possible examples of these vulnerabilities include software bugs, web applications, insecure default configurations, lack of password protection or even failure to run virus scanning software CITATION JBa10 \l 1033 [3]. Vulnerability assessment is a proactive approach in which the vulnerability is detected and dealt with before any unauthorized user access this issue. It is also worth noting that most of the focus has always been on the firewall protection but one must also focus on the internal functionality as well. In addition, vulnerability assessment mostly correlates various platforms including operating systems, applications and middleware CITATION HHo11 \l 1033 [4]. Thus, vulnerability scanners are mostly used to run a scan of the whole network system along with the software applications.
Types of Vulnerability Scanners
Vulnerability scanners can be categorized into two types. These include network based scanners and host based scanners.
Network Based Scanners
As the name suggests, network based scanners normally run over the network. They are mostly installed on a single machine which scans hosts on the particular network. These scanners help to detect vulnerable webservers, misconfigured firewalls, vulnerabilities related to system and network administrators and risks linked with vendor-supplier software. Network based scanners can be categorized into port scanners, webserver scanners and web application scanners. Port scanners access the number of open network port located in remote systems. An example of pot scanner includes Nmap. Web server scanner access the possible dangerous file in remote webservers. Similarly, web application scanners assess the security issues of web applications on these webservers.
Host Based Scanners
A host based vulnerability scanner is usually installed in the host and gains direct access to the low level data such as configuration details of operating systems. Thus, host based scanners can provide insight information into the vulnerable user activities such as weak or no passwords. These scanners can also provide baseline checks. One example of host based scanners is database scanner. It performs security analysis of authentication, authorization and integrity. Host based scanner are also able to identify potential security risks ranging from security misconfigurations to Trojan Horses.
Working of Vulnerability Scanners
The working of vulnerability scanner is based on its four basic modules namely Scan database, User interface, Scan engine and report module. Firstly, the scan engine executes the required checks based...
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now:

Other Topics:

  • The Task Is About Comparison Of Vulnerability Scanners
    Description: With the advancements in information technology, the security concern of the users in the network is increasing drastically...
    6 pages/≈1650 words| 6 Sources | Other | IT & Computer Science | Lab Report |
Need a Custom Essay Written?
First time 15% Discount!