Printable View
Help me a way out.
I would like to know how does a vulnerabiliy scanner work???
I have gooled on this. I am not much satisfied with the content. I would like to know A-Z about the vulnerabiliy testing and the scanners role at work.
Any URLs and references in this regard are highly appreciated.
Ok neo, It sounds like you what to know about vulnerability scanner's in general so here is something you might want to check out and if your interested you can ask me nicely about the books I have but here is the site.
http://www.securitywatch.com
If you don't like this site here is what I know about scanner's: provides network vulnerability assessment and audit analysis. It provides detailed technical policies and performs scheduled and selective vulnerability probes and assessments of a network's communication services, operating systems, key applications, and routers.
______________________
Today is the past, tomorrow is now!
Hopefully you are asking this legitly and in the name of knowledge I will answer.
To supplement to digitalfades post, most vuln scanners use a database of well know exploits. In turn means that most of them have been patched and are probably not the best to test your network. So I suggest you try and perform your own penatration testing. There are some good books for you to check out at http://safari.oreilly.com They have an excellent library. To stay up to date with the latest and greatest you should check out these sites, most of which have decent mailing lists to go with them.
www.securityfocus.com -- mainly BUGTRAQ
www.theregister.co.uk -- great news site
www.blackcode.com -- sometimes a little slow on the news
http://packetstorm.decepticons.org -- good for tools and source code, geat to find a work around and protect yourself
That is all I have right now, I hope that will lead you in the right direction ;)
.:edit:. You can also see that there are similar threads on AO that will help, here is one:
http://www.antionline.com/showthread...hreadid=234134