Types of vulnerabilities for which VS software scans can include:
- Open (“listening”) ports
- Unnecessary services
- DDoS agents and similar malware
- Means of remote access (terminal services, PCAnywhere)
- Password crackers
- System configuration errors/unsafe configurations
- Coding flaws/unsafe code
- Missing service packs and security fixes
Vulnerability scanning usually starts with a “discovery” phase, in which active devices on the network are identified and information about them (operating system, IP address, applications installed, etc.) is collected. Good scanners include a reporting function that allows you to prioritize information and customize reports to fit your needs.
Be aware that scanning the network uses network bandwidth and system resources and thus can slow performance when used during productivity periods.
