Vulnerability Scanning Concepts
A vulnerability scanner is a passive scanner that identifies vulnerabilities or weaknesses in a system. For example, there could be a missing update for the operating system, anti-virus solutions, or account vulnerabilities.
A Zero-Day exploit cannot be traced by a vulnerability scanner; the exploit has not yet been identified and has no updates or patches available. Let's look at the type of output a vulnerability scanner could produce:
- Common Vulnerabilities and Exposure (CVE): Massachusetts Institute of Technology Research & Engineering (MITRE) is a non-profit, government-funded organization working out of Bedford Massachusetts that looks at different attack vectors. They produced the Common Vulnerability and Exposure (CVE) list, which looks at computer flaws and can identify the platforms affected. Each flaw has an ID. Please look at the following URL for more information: https://www.cvedetails.com/.
- Common Vulnerabilities...