To understand, first, it is important to know what is a vulnerability. So, in the field of Cyber Security, the vulnerability can be defined as the weakness of the computer system which can be exploited by attacking the system to perform unauthorized actions and for gaining unauthorized access to a system. The attacker can be do almost anything with the system such as data breaching(stealing sensitive information), installing malware on the system, etc.
Now, let us understand what is Vulnerability Scanning. Vulnerability Scanning is the process of searching for vulnerabilities in a computer system. It is done by a Vulnerability Scanner. A vulnerability scanner is a software designed for testing applications or computers for vulnerabilities. It identifies and creates a directory for each process connected to the system(eg. firewalls, servers, networks, etc). Vulnerabilities are identified from misconfigurations and flawed programming within a given network. The probability of risks in a system is identified by the vulnerabilities present.
Working of Vulnerability Scanning
The vulnerability scanning works on a three-step procedure. They are as follows:
- Vulnerabilities Identification
- Analysis of the risk possessed by vulnerabilities found
- Operations against the identifies Vulnerability
1. Vulnerabilities Identification: Vulnerabilities can be identified by the Vulnerability Scanner. The efficiency of the vulnerability scanner depends on the ability to gather information on the system, identify the open ports, devices, etc.
2. Analysis of the risk possessed by vulnerabilities found: This step is very crucial for the team who are performing the vulnerability scanning. This step decides:
- The critical impact on the system if the vulnerability is exploited.
- The Easiness in exploiting the vulnerability
- Whether the security measures that are already present are sufficient for reducing the risk of vulnerability
3. Operations against the identified Vulnerability: The vulnerabilities identified by the scanner must be patched or fixed so that they can no longer harm the system or can be exploited by the attacker. But, a simple fix is not available for the vulnerability, therefore, we have two choices:
- The vulnerability can be ignored. This can be done when risk is low.
- The second option can is the vulnerable system can be ceased, or other security measures can be added so that the vulnerability cannot be exploited.
Types of Scanning
1. External Vulnerability Scanning: This type of scanning is carried out from outside the network of an organization. This scan targets the areas that are connected to the internet or the applications that are needed by external users or customers.
2. Internal Vulnerability Scanning: This type of scan is carried out from inside the organization. Its target is to successfully identify and detect vulnerabilities that can be exploited by an attacker. An attacker can be anyone who wants to gain unauthorized access or can be employees from inside the organization who have access to the sensitive information of the organization.
3. Unauthorized Scanning: This type of scanning searches for vulnerabilities within an organization’s network perimeter.
4. Authorized Scanning: This type of scanning allows the vulnerability scanners to probe inside a network by providing them with privileged credentials to check for weak passwords, misconfigured, or flawed programming of applications, or misconfigured database.
Here, are the security measures that are taken by the cybersecurity team to ensure that malware and vulnerabilities are less likely to be identified by any kind of attack.
1. Breach and Attack Simulation(BAS) Technology: To test network defenses, the BAS technology itself tends to be an attacker. The tools run various scans and attacks to check for the capabilities for the prevention, detection, and efficiency of the defense of the targeted network.
2. Application Security Testing: This type of testing is done to ensure the correct working of the application, to prevent critical data from exposing to external threats, to check the misconfiguration in the application’s code. It is done to check the security of the application, weaknesses, and vulnerabilities. It helps to identify and prevent vulnerabilities exploitation,
Listed below are some of the open-source Vulnerability Scanners.
- Nexpose Community
- Metasploit Framework
- Aircrack -ng
- How to find time taken by a command/program on Linux Shell?
- Terminal Mail and Linux Security Mail
- Linux Virtualization - Chroot Jail
- Linux Virtualization : Linux Containers (lxc)
- Linux Kernel Module Programming: Hello World Program
- Formatted text in Linux Terminal using Python
- Some useful Linux Hacks
- Daily life Linux Commands
- Basic Linux Commands for day to day life
- Initializing and Cache Mechanism in Linux Kernel
- How to add "graphics.h" C/C++ library to gcc compiler in Linux
- Working with Magic numbers in Linux
- Reset a lost Linux administrative password and Explanation
- dup() and dup2() Linux system call
- Encrypt/Decrypt Files in Linux using Ccrypt
- Linux File Hierarchy Structure
- mindepth and maxdepth in Linux find() command for limiting search to a specific directory.
- Network configuration and trouble shooting commands in Linux
- Netstat command in Linux
- Program to show that Linux provides time sharing environment to processes
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to firstname.lastname@example.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.