How Vulnerable is Your Network?

Threat analysis and Vulnerability assessment is becoming an essential part of network and system administration. It helps in securing the network against the bad guys. The basics are trying to find loop holes and weaknesses in

• Operating systems and services (user accounts, passwords, fax, file sharing, memory, etc…)
• Application (browser, email clients etc…)
• Network Configuration and devices (routers, gateways etc…)

By identifying security problems through a mixture of technology and using risk management software the administrator saves a lot of time. These security risk management tools are made to check known attacks and exploits.

Steps in a vulnerability Scan

Vulnerability scanning is achieved through the following steps.

• Network Discovery through ICMP-Internet Control Message Protocol. Ping the target system and look for a response. If ECHO_REPLY (type 0) is received the target is alive.
• Individual ports are scanned in continuation or in stealth mode where the ports are checked out over a period of time. Port vulnerability assessments are to find what services of the computer are active and which can be attacked. Operating system, Service packs and Kernel releases are some of the information that the port vulnerability assessments collect. Port scan does not detect vulnerability. Vulnerability must be tested by sending some damaging information to the host that is scanned.
• The networks vulnerability scanners send damaging information and analyze the data and generate the report and detail potential vulnerabilities and patches.

What are scanned?

Vulnerability assessment tools are of different kinds. Some of the scans are intrusive while others are stealth. The entire purpose of the scan is to find flaws and signs of compromise. The aspects that are scanned are

• Registry entries for any changes and malicious entries
• Known software bugs in the operating system and applications
• Misconfigurations in any services of the operating systems, applications or services of the target devices.
• Known Backdoors and Trojans
• Insecure accounts
• Services that are not necessary but open and running

What is Risk Management

Risk management is knowledge about the report the vulnerability scanner and employing enterprise risk management software or any other software that can protect the network. It has to be a step ahead in protecting your network from known as well as unknown vulnerabilities. There ought to be a balance between absolute security and absolute access.

• A policy framework of security for its employees
• A training and awareness program for its employees
• Firewalls and software’s for intrusion detection and prevention

Continue to : Choosing your vulnerability scanner

Related Articles

Can You Find Out who is Intruding Your PC?
Effective Tips: Prevent Network Attacks with Firewalls
Top Network Security Products
Hacking and Network Security