// meta tag The Importance Of Using A Vulnerability Scanner For Security | Hackers Enigma

The Importance Of Using A Vulnerability Scanner For Security


One aspect of network security that is often overlooked is checking a network for issues using a vulnerability scanner. Vulnerabilities are issues, weaknesses or misconfiguration in software that an attacker can exploit to gain unauthorized access to his victim’s system. Through the use of a vulnerability scanner, these issues are pinpointed and reported to the administrator.

Perhaps the primary reason why vulnerability scanning is taken for granted is because vulnerabilities are considered to be issues which are fixed through patch management. It is a common misconception that with a patch management strategy, the vulnerabilities found on the network are also being taken care of. This is partially true when considering how a chunk of vulnerabilities are in fact software issues that are fixed by patching, however it is not always the case. Vulnerabilities can be caused by mis-configurations, software that is inherently problematic or even software issues for which the vendor has not yet released a patch.

What can we do about vulnerabilities?

The first step is to see if your system does in fact have any vulnerability and employing an independent QA tester is a good idea. For this you need to use a vulnerability scanner or, although not recommended if your budget is limited, you can run a vulnerability scan manually.

Running a vulnerability scan manually:

It is possible to do a vulnerability assessment without the use of any software, although this will have an intrinsic amount of inaccuracy and will be very time consuming. In order to determine if there are vulnerabilities on your network through a manual vulnerability scan, you should first get a list of applications / services installed on your network. Once the list is available, check each software’s official site to see if there are any issues / insecurities reported by the vendor. Some vendors will also offer guides on how their application should be configured securely. Generally, such guides will also contain information on what configuration options to avoid. This information is very useful and it is definitely a good idea to read them. The next step is to check vulnerability database sites for the latest lists. Sites like the National Vulnerability Database and Bugtraq are a central location for known vulnerabilities – checking these sites regularly in relation to what software is running on your network is highly important.

Running a vulnerability scan using a vulnerability scanner:

A more effective way to do vulnerability scanning is through the use of a vulnerability scanner. These scanners will have a database of vulnerabilities that is automatically updated by the vulnerability scanner vendor whenever a new vulnerability is discovered. An administrator can set up the scanner to automatically scan the network periodically and issue reports when a new vulnerability is detected. It might also offer remediation options or a detailed description of what is causing the vulnerability and what should be done to fix that vulnerability.

Regardless of whether you run a vulnerability scan manually or using a vulnerability scanner, your network should be monitored for vulnerabilities.  Most vulnerabilities will lead to a system compromise of some degree which in turn can result in serious consequences for the business.  Vulnerability scanning is a preventive measure that can potentially save your business’s reputation and assets.

This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information: GFI vulnerability scanner

*All product and company names herein may be trademarks of their respective owners.

11 Comments

  1. Avatar
    Jae Ho Jang June 02, 2011

    Good post!

  2. Avatar
    hackerz June 12, 2011

    Please Read my new post at hungry hackers

  3. Avatar
    Rajneesh Singh September 02, 2011

    Post contain nice security related information

  4. Avatar
    Rajneesh Singh September 02, 2011

    ada

  5. Avatar
    Bill Chipman September 16, 2011

    Customers
    interested in purchasing new restaurant chairs or restaurant tables are often
    pleasantly surprised to realize the vast amount of choices available in restaurant furniture. Restaurant furniture is designed in a vast array of themes, styles and
    colors. The variety available can make it a bit daunting for the customer to
    sort through the various options. This article covers many of the categories
    offered in restaurant chairs at Missouri
    Table and Chair and
    some brief information regarding each. For more details visit @ http://www.gotable.com/ 
      
     

  6. Avatar
    Bestfreelancejob September 17, 2011

    BestFreelanceJob.com
    is the contract work marketplace where clients post contract jobs and freelance
    programmers, graphic designers, translators, consultants and other
    professionals bid for those jobs.

     

    For more
    details visit at:  http://www.bestfreelancejob.com/
     

    Search
    Engine Optimization & Freelance Programming

  7. Avatar
    S Gabri3l September 17, 2011

    Good post. 
    We have SEO Experts at http://seoxl.eu/ 
    We have link wheel and link trundle (new) services,
    Check us out at http://seoxl.eu/

  8. Avatar
    Ranjith Siji October 05, 2011

    Nice Post

  9. Avatar
    Amol Wagh October 10, 2011

    Thanks Rajneesh, I am glad that you like it!

  10. Avatar
    Vrtl33 October 18, 2011

    good post

Leave reply

<

*