Vulnerability scanning

Vulnerability scanning is a security technique used to identify security weaknesses in a computer system.

Vulnerability scanning can be used by individuals or network administrators for security purposes, or it can be used by hackers attempting to gain unauthorized access to computer systems.

Network vulnerability scanners

  • GFI LanGuard
  • Qualys
  • Core Impact
  • Nexpose
  • NSE (Nmap Scripting Engine)


Nessus

  • Nessus is a proprietary vulnerability scanner developed by Tenable Network Security.
  • It is free of charge for personal use in a non-enterprise environment.
  • The two main tools of Nessus are the nessus daemon and nessus.

Nessus Operations

Nessus allows scans for the following types of vulnerabilities:

  • Vulnerabilities that allow a remote hacker to control or access sensitive data on a system.
  • Misconfiguration (e.g. open mail relay, missing patches, etc.).
  • Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack.
  • Denial of service against the TCP/IP stack by using malformed packets.

How to use the Nessus tool to scan a network for vulnerabilities?

  • Step 1: Install and download Nessus.
  • Step 2: Set up your Nessus account and enter the activation code.
  • Step 3: Start a vulnerability scan.
  • Step 4: Make sense of the results.
  • Step 5: After the scan is complete, click on the Remediations tab and you will find security holes.

GFI LanGuard

GFI LanGuard acts as a virtual security consultant offering:

  • Network and software auditing
  • Patch management for Windows®, Mac OS® and Linux®
  • Vulnerability scanning for computers and mobile devices

Features of LanGuard

  • Patch Management. Outdated patches make networks more susceptible to digital threats. …
  • Centralized Network Analysis. With GFI LanGuard, companies receive a full analysis of the state of their network. …
  • Device Inventory. …
  • Early Threat Detection. …
  • Security Compliance.

How GFI LanGuard Works?

SCAN: Scan network devices to detect vulnerabilities, missing patches, open ports, running services and more.

ANALYZE: View the network security status and analyze network security trends in the graphical dashboard and by generating reports.

REMEDIATE: Install missing updates, uninstall unauthorized applications, execute scripts, open remote desktop connections and run other tasks to maintain the health of your network and the devices connected to it.

Basic Scanning And Auditing Of Network Devices

Install GFI LanGuard on a server that meets the system requirements to run scans and audits of computers and devices.

GFI LanGuard creates a remote session with the specified scan targets and audits them over the network.

GFI LanGuard agents

Agents minimize network bandwidth utilization because audits are done using the scan target's resources and only a result XML file is transferred over the network.

Devices that have a GFI LanGuard agent installed will be scanned even if the device is not connected to the company network. Agent scans are also more accurate than agent-less scans because agents can access more information on the local host.

Agents send scan data to GFI LanGuard through TCP port 1072. This port is opened by default when installing GFI LanGuard.

Relay Agents

Relay agents download patches and definitions directly from the GFI LanGuard server and forward them to client computers. The main advantages of using relay agents are:

  • Reduced bandwidth consumption in local or geographically distributed networks.
  • If a Relay Agent is configured on each site, a patch is only downloaded once and distributed to client computers.
  • Reduced hardware load on the GFI LanGuard server component, because the load is distributed amongst relay agents.
  • Using multiple Relay Agents increases the number of devices that can be protected simultaneously.

The GFI LanGuard Central Management Server

GFI LanGuard Central Management Server is aimed at very large networks that want to monitor the operation of multiple GFI LanGuard instances in one central console.

It offers administrators a view of the security and vulnerability status for all computers, networks or domains managed by the different GFI LanGuard instances.

Qualys

Qualys provides cloud security, compliance and related services.

Qualys was the first company to deliver vulnerability management solutions as applications through the web using a "software as a service" (SaaS) model.

Core Impact

Core Impact focuses on protecting sensitive data by ensuring that systems are operating from a secure environment.

Some of the features are:

  • Impact has the largest amount of commercial-grade exploits.
  • Pivoting across multiple systems and vectors.
  • Privilege escalation.
  • Cost of setting up a red team is flexible.


Using Nexpose to scan a network for vulnerabilities

Nexpose identifies the active services, open ports, and running applications on each machine, and it attempts to find vulnerabilities that may exist based on the attributes of the known services and applications.

Nexpose discloses the results in a scan report, which helps you to prioritize vulnerabilities based on risk factor and determine the most effective solution to implement.

Nexpose integrates with Metasploit Pro to provide a vulnerability assessment and validation tool that helps you eliminate false positives, verify vulnerabilities, and test remediation measures.


OpenVAS

OpenVAS (Open Vulnerability Assessment System, originally known as GNessUs) is a software framework of several services and tools offering vulnerability scanning and vulnerability management.

All OpenVAS products are free software, and most components are licensed under the GNU General Public License (GPL). Plugins for OpenVAS are written in the Nessus Attack Scripting Language, NASL.

NSE (Nmap Scripting Engine)

It allows users to write (and share) simple scripts to automate a wide variety of networking tasks. Those scripts are then executed in parallel with the speed and efficiency you expect from Nmap.

How NSE works?

  • Step 1: Network discovery
  • Step 2: More sophisticated version detection
  • Step 3: Vulnerability detection
  • Step 4: Backdoor detection
  • Step 5: Vulnerability exploitation

By admin
