Vulnerability scanners allow you to connect to a target system and check for such vulnerabilities as configuration errors and system vulnerabilities. A popular vulnerability scanner is the freely available open source tool Nessus. Nessus is an extremely powerful network scanner that can be configured to run a variety of scans. While a Windows graphical front-end is available, the core Nessus product requires Linux to run.
Microsoft's Baseline Security Analyzer is a free Windows vulnerability scanner. MBSA can be used to detect security configuration errors on local computers or remotely across a network, and is now in its second release. It does have some issues with Windows Update, however, and can't always tell if a patch has been installed.
Popular commercial vulnerability scanners include Retina Network Security Scanner, which runs on Windows, and SAINT, which
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchSecurityChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchSecurityChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
runs on various Unix/Linux versions.
Ethical hacking tools and techniques
Introduction
Information gathering
Port scanning
Vulnerability scanning
Password cracking
About the author
Russell Dean Vines is a bestselling author, Chief Security Advisor for Gotham Technology Group, LLC, and former President of the RDV Group. His most recent book is The CISSP and CAP Prep Guide, published by John S. Wiley and Sons. He is available to answer your security threat questions via Ask the Expert.
This was first published in April 2007