Advanced AI Cyber Security
Powerful Lethal Attack Technology

You are here: SecPoint & IT Security News

How can I scan my network for Vulnerabilities?

I want to scan my network for security vulnerabilities how can I do it easily?

It is recommended to scan your network for security vulnerabilities on a daily basis.

New high risk vulnerabilities coming out daily

New vulnerabilities are coming out on a daily basis from low risk to highly severe.

By scanning your network for vulnerabilities you can discover the weak areas where attackers can easily break in.

Attackers tend to first target the most weak parts of your network to gain access.

Popular vulnerabilities that attackers are typically targeting for easy access are:

SQL Injection Vulnerabilities

Attackers number one favorite attack form is to target vulnerable .php .asp forms that are connected to a SQL database behind.

A SQL database can be like Mysql, Microsoft SQL, Postgresql, Oracle or other similar vendors.

Once the frontend interface interact with a SQL database behind it then

In a normal SQL Injection the attacker injects SQL statements such as ' - that will then manipulate the web application to give data back from the SQL Database running behind.

This can be allowed to happen if the input form lacks proper validation protection to sort out malicious characters which will allow to manipulate the SQL Database behind.

Most input forms lacks this validation or they just have a light validation that creative attackers can easily bypass.

Blind SQL Injection Vulnerabilities

Blind SQL injection is similar to the normal SQL Injection.

The difference is that the target web application will not show the database errors.

This makes it difficult for the attacker to know if there was success on the attempts to manipulate the database.

Hence the Blind word being used.

Just because the target SQL database do not return the errors do not mean it is not vulnerable.

Attackers use then 2 forms of blind sql injection such as Content based Blind SQL Injection and Time Based SQL Injection.

Content based SQL Injection When an attacker try to inject code nothing is shown.

They can be looking for a query that should return true and observe the output.

If the database return different than true to a query they can know it is vulnerable. With Time Based SQL Injection the attacker can use the sleep operation.

An attacker sends a query to the database. to make it sleep for a period.

Then wait and see if they can get it to sleep for a short time which can confirm it is vulnerable.

The attackers will send a query with a sleep manipulation and see if there is a delay before return of the query which shows it is vulnerable if there is.

Remote Command Execution RCE Vulnerabilities

RCV vulnerabilities are very popular for attackers since they allow execution of code on the target system.

This way the attacker can often easily upload scripts or run code

which will give them full access on the system or access to sensitive data.

Cloud - Virtual Software or Appliance Vulnerability Scanner

How can I scan my network via Cloud, Software or Appliances?

It depends on your requirements for scanning and what is most easy for you.

With the Cloud Scanner you can scan right away your public IPs/Sites for vulnerabilities without any software installation.

But you wont be able to scan your internal IPs.

With the Virtual Software edition you can easily scan both local and public IPs.

The Appliance versions SFF or 1U Rack also allows for both scanning internal and external IPs but gives a more plug and play solution.

 

The SecPoint Penetrator is available in all forms such as Virtual Software, Cloud Scanner and Appliance version.