Vulnerability Scanning
Now that information has been gathered on the target hosts, the specialized
security vulnerability scanning tools can be deployed. A mixture of scanners
from commercial vendors, white hat hacking groups and the underground is
used to provide maximum coverage during this automated phase.
Some of the common tools are detailed here, but this is by no means a
comprehensive list.
ISS Internet Scanner
http://www.iss.net
Internet Security Systems' flagship vulnerability scanning product
provides a good set of checks across multiple platforms, and is kept
relatively up to date through regular X-Press updates.
As a commercial tool, it cannot be updated as frequently as some of the
script-oriented underground tools. However, the thoroughness of the
maximum policy evaluations provides invaluable information for
analysis when attacking a target system.
Retina
http://www.eeye.com
Retina is a frequently updated security scanner focused on NT systems.
It identifies running services, and fully enumerates open shares,
NetBIOS and other system information.
The AI Mining functions allow brute force investigations of potential
buffer overflows - a technique used by the eEye team to discover an IIS
buffer overrun discussed later in the course.