| In the war zone that is the modern Internet, manually reviewing each networked system for security fl aws is no longer feasible. Operating systems, applications, and network protocols have grown so complex over the last decade that it takes a dedicated security administrator to keep even a relatively small network shielded from attack.
Each technical advance brings new security holes. A new protocol might result in dozens of actual implementations, each of which could contain exploitable programming errors. Logic errors, vendor-installed backdoors, and default confi gurations plague everything from modern operating systems to the simplest print server. Yesterday’s viruses seem positivelytame compared to the highly optimized Internet worms that continuously assault every system attached to the global Internet.
To combat these attacks, a network administrator needs the appropriate tools and knowledge to identify vulnerable systems and resolve their security problems before they can be exploited. One of the most powerful tools available today is the vulnerability assessment, and this chapter describes what it is, what it can provide you, and why you should be performing them as often as possible. Following this is an analysis of the different types of solutions available, the advantages of each, and the actual steps used by most tools during the assessment process. The next section describes two distinct approaches used by the current set of assessment tools and how choosing the right tool can make a signifi cant impact on the security of your network. Finally, the chapter closes with the issues and limitations that you can expect when using any of the available assessment tools. |