How hackers can use vulnerability scanner to quickly assess a server

There are many open source vulnerability scanners that are available to hackers free of charge with the complete source code included. This means that a hacker with minimal scripting or programming knowledge can quickly create a software suite to scan multiple machines on a network, ranges of IPs, or repeatedly scan a host to watch for changes in configuration to exploit newly discovered vulnerabilities.

Once the hacker has the source code from a vulnerability scanner they can modify the code to not only report back vulnerabilities but to also exploit those vulnerabilities. Often as soon as exploits are discovered they are posted to community news groups for the rest of the security expert community to review. These newly discovered exploits are often posted with Proof of Concept (PoC) exploit code or at minimum detailed explanation of how to exploit the newly discovered vulnerability. A hacker can create a simple tool that scans many servers for a new exploit quickly using the open source scanning engine in combination with the PoC exploit code.

<<Previous

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

Next>>

Provided by: Security Innovation, The Application Security Company