From the course: CompTIA Security+ (SY0-601) Cert Prep: 8 Network Security Design and Implementation

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

Vulnerability scanners

Vulnerability scanners

- [Instructor] Vulnerability scanners go much deeper than port scans. Instead of simply checking to see what ports are open, they dig into the details of what services are using those ports. They also have a database of all known vulnerability exploits and test the server to see if it contains any of those vulnerabilities. The reports from vulnerability scanners provide important information for system remediation. In the hands of an attacker, however, that remediation information can be a roadmap for exploitation. One popular vulnerability scanning tool is a web-based tool called Nessus. I have that running on one of my servers. Let's try scanning the same windows server that we end mapped using Nessus. So here's the web interface for Nessus, running a scan of that windows server. Now Nessus scans can take a while to complete, the amount of time that it takes to complete a Nessus scan varies based upon the number of…

Contents