| Summary: |
Having established the target's operating system and applications, the next task is to research security vulnerabilities. Vulnerability scanning is the process of proactively identifying vulnerabilities of computer systems on a network. During the attack/exploitation phase, a hacker can exploit those weaknesses in order to gain access to the system. It is therefore essential that these are discovered in a timely manner.
Vulnerability scanning attempts to locate and identify weaknesses in the services and software running on a target machine. Many systems today can be exploited directly with little or no skill when a machine is discovered to have a known vulnerability.
Vulnerability scanning is often performed automatically. Scanners use a database of known vulnerabilities to check for weaknesses on a system.
Vulnerabilities associated with various network devices, servers, host operating systems and their associated network applications are often well documented, reported and patched by their vendors or by the information security community. It is important to mention that there is a difference in the severity of various vulnerabilities. Some vulnerabilities may present little opportunities for an attacker, whereas others will allow you to completely take over and control a machine with a single click of a button. |
Loading previews...
