Vulnerability Scanning


Background.  Vulnerability Scanning occurs when an attacker systematically probes a host for vulnerable and/or exploitable resources, services and/or processes.

There are a variety of tools to help administrators and/or attackers to assess system vulnerabilities.

  • Nmap - a port scanner
    • sends packets to a host
    • generates a list of services the host is running
    • returns the OS type
    • knowing these sorts of things help an attacker know what sorts of attacks will be likelier to work
  • Nessus - more sophisticated than Nmap
    • scans for multiple types of architectures
    • generates a list of vulnerabilities using a list of known attack types
    • details services and which are more exploitable
    • offers suggestions on how to improve the security of your system
    • available as freeware at
  • Security Baseline Advisor - Microsoft

More will be added.