|
 |
|
Shop
You are here: Resources > Security Scanner
|
|
Tweet |
Security Scanner
A security scanner is usually employed to do port scans of remote systems. In turn, a port scan of a system enables the owner to discover which features are obtainable on a platform and whether or not these services are available through a firewall. A good example of a popular and competent security scanner is the ever-ubiquitous Nmap Security Scanner. Naturally, a scanner of this type will deploy normally known port assignments in order to determine which of the services are operating on a linked port.
For instance, if your security scanner identifies a system's TCP port 80 as exposed, it should report that the port is vulnerable for HTTP (which is the standard used for website hosting).By default, this doesn't necessarily mean that a web server is currently executing and exploiting your system vulnerabilities; there's the possibility that the administrator merely wants to be crafty and conceal an active SSH service on TCP port 80 because he knows that a default scan won't be able to detect it.
Conducting a Service Scan
In order to discern which service is truly running on any given port, a security scanner has a "service scan" feature that's responsible for extra tests and examinations against an open port, which should determine more data and details about the service operating on a particular port.Whenever a security scan is done under the service scan option, the following events should automatically happen:
- A service scan enables the security scanner to carry out additional examinations on each open port in order to establish which service is truly executing on the port.
- If an IP address is specifically targeted by the scan, the security scanner will try to conduct a reverse DNS lookup in order to determine the FQDN of the scanned host or hosts.
- The system will be inspected for the one thousand most frequently used TCP ports. Moreover, the type of scan that will be performed is a normal SYN scan.
- Security scanners will also scan the ports in random order to ensure better scanning results that's not limited by a fatal predictability that most self-respecting attackers could easily bypass.
- If you'd rather that your system's ports are scanned in a more sequential or logical order (for the sake of, say, examining your IDS/IPS capabilities), there should be options available in your security scanner to do just that.
Read more about our services and products here: About SecPoint, IT Security Products, and IT Security Jobs.
 |
Awards & Reviews | |||||
|
||||||
|
|
Subscribe to our Mailing List |
|
|
|
|
Customer References | |
|
||
