PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
January 2004

Passive scanning: A new take on network vulnerability scanning

Network vulnerability scanning has traditionally been an active operation: Systems are probed, prodded and occasionally crashed. Vulnerability scanning can be a dangerous operation. For many enterprises, the cost of active scanning is so high -- downtime, aggravation, finger pointing -- that it's relegated to a semiannual event. Also, active scanning yields extremely sensitive security information that can be misused. Alternatively, the idea behind passive scanning is that systems expose a lot of information about themselves in normal communications. Active scanning can discover more, but passive scanning may be enough to help target-based IDS. For example, by watching TCP connection establishment and teardown and application-layer banners, a passive IDS scanner can make a fairly good guess as to the operating system running on the communicating systems, and application types and version information. We ran NeVO, Tenable Network Security's passive scanner, and found the output to be very accurate. Operating systems, application ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

  • CIO Trends #6: Nordics

    In this e-guide, read how the High North and Baltic Sea collaboration is about to undergo a serious and redefining makeover to ...

  • CIO Trends #6: Middle East

    In this e-guide we look at the role of information technology as the Arabian Gulf commits billions of dollars to building more ...

  • CIO Trends #6: Benelux

    In this e-guide, read about the Netherlands' coalition government's four year plan which includes the term 'cyber' no fewer than ...

-ADS BY GOOGLE

Close