Download active and passive scanner and more Assignments Network security in PDF only on Docsity! Vulnerability scanners can help an enterprise's IT staff identify weaknesses throughout its network, such as ports that could be accessed by unauthorized users and software lacking the latest security patches, helping to ensure network compliance with the organization's security policy. Passive scanners emphasize monitoring network activity, while active scanners are capable of simulating attacks and repairing weak spots. Both types of scanner can co-exist within a network, complementing each other's capabilities. Vulnerability Scanning Basics Vulnerability scanners return data concerning potential security risks that allow IT personnel to view the network the way a potential hacker might, clearly seeing the potential avenues for denial of service attacks or gaining information through packet sniffing. Vulnerability scanners often prioritize the weaknesses they discover, assigning different values to represent the potential damage a hacker could cause within a network by exploiting a specific weakness. This allows network administrators to prioritize repair work by indicating which nodes present the greatest security risks. Active Scanners Active scanners send transmissions to the network's nodes, examining the responses they receive to evaluate whether a specific node represents a weak point within the network. A network administrator can also use an active scanner to simulate an attack on the network, uncovering weaknesses a potential hacker would spot, or examine a node following an attack to determine how a hacker breached security. Active scanners can take action to autonomously resolve security issues, such as blocking a potentially dangerous IP address. Passive Scanners Passive scanners identify the active operating systems, applications and ports throughout a network, monitoring activity to determine the network's vulnerabilities. However, while passive scanners can provide information about weaknesses, they can't take action to resolve security problems. These scanners can check the current software and patch versions on networked devices, indicating which devices are using software that presents a potential gateway for hackers or trojan attacks, and reference this information against public databases containing lists of current patches. A network administrator can set passive scanners to run continuously or to operate at specified intervals.
