Ethical Hacking - Vulnerability Analysis

In simple terms, a vulnerability is a weakness in a computer system or network. Let’s take a real-life example: you have parked your car on a road, but you forgot to lock it. Your car is therefore vulnerable to a thief, because a thief can easily steal it.
Vulnerability analysis is a part of the scanning phase. Vulnerability analysis, or vulnerability assessment, can be defined as the process of examining a system or network and identifying its weaknesses. The identified vulnerabilities can be used by attackers to exploit the target system or network. Vulnerability analysis helps to classify security vulnerabilities and rank them according to their severity.

Types of Vulnerability Assessments
(1) Active Assessments: An assessment that actively sends requests to the live network and examines the responses to identify vulnerabilities.
(2) Passive Assessments: An assessment that uses packet sniffing to identify vulnerabilities, running services, open ports and other information.
(3) External Assessments: This assessment is carried out from a hacker’s point of view. It helps to identify and estimate the vulnerabilities that are visible from outside.
(4) Internal Assessments: In this assessment, the internal network is examined to identify vulnerabilities.

Vulnerability Assessment Life Cycle
It is an important process for identifying vulnerabilities and remediating them before they can be exploited. It helps organizations to evaluate and control their security vulnerabilities. The Vulnerability Assessment Life Cycle includes the following phases:
  • Identify Assets and Create a Baseline
  • Vulnerability Scan
  • Risk Assessment
  • Remediation
  • Verification
  • Monitor

Identify Assets and Create a Baseline: In this phase, the critical assets are identified and ranked according to their priority. This phase involves collecting information about the identified assets or systems: their software, ports, configuration and so on. This helps to create an effective baseline for the assessment.
Vulnerability Scan: In this phase, scanning is crucial to identify security vulnerabilities. The security analyst performs the vulnerability scan using tools to identify the vulnerabilities in the system or network.
Risk Assessment: In this phase, the identified security vulnerabilities are assessed and prioritized according to their impact. It helps to determine whether an identified vulnerability on a particular asset is critical, high, medium or low.
Remediation: Remediation is the process of fixing the identified vulnerability. It is planned based on the determined risk level of the identified vulnerability, and it helps to minimize the security risk to any particular asset.
Verification: In this phase, the system or network is re-scanned to verify whether the identified vulnerability is fixed or not.
Monitor: The system or network should be monitored regularly to maintain its security. Regular monitoring helps to identify new security vulnerabilities. A firewall and IDS/IPS must be implemented to secure the system or network.
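
The following Python sketch is an added example, not part of the original tutorial. It walks constructed data through the baseline, risk assessment and verification phases described above. The asset names, priorities, finding IDs and the "severity times asset priority" scoring rule are all assumptions made for illustration.

```python
# Constructed sample data: every name, priority and finding ID is illustrative.
SEVERITY = {"critical": 4, "high": 3, "medium": 2, "low": 1}

# Baseline phase: assets ranked by priority (3 = most important).
BASELINE = {"db01": 3, "web01": 2, "print01": 1}

# Scan phase: findings as (asset, finding id, severity).
SCAN = [
    ("print01", "default-admin-password", "critical"),
    ("db01", "outdated-tls-config", "medium"),
    ("web01", "unpatched-cms", "high"),
    ("db01", "exposed-mgmt-port", "high"),
    ("lab99", "open-telnet", "high"),  # asset missing from the baseline
]

# Verification phase: results of the re-scan after remediation.
RESCAN = [
    ("web01", "unpatched-cms", "high"),
    ("lab99", "open-telnet", "high"),
    ("db01", "new-weak-cipher", "low"),
]

def risk_assessment(baseline, findings):
    """Rank findings by severity weighted by asset priority (assumed rule)."""
    ranked, unknown = [], []
    for asset, fid, sev in findings:
        if asset not in baseline:
            # A finding on an untracked asset means the baseline is incomplete.
            unknown.append((asset, fid, sev))
            continue
        ranked.append((SEVERITY[sev] * baseline[asset], asset, fid, sev))
    ranked.sort(key=lambda r: (-r[0], r[1], r[2]))
    return ranked, unknown

def verification(before, after):
    """Compare the scan and the re-scan to see what remediation achieved."""
    old = {(a, f) for a, f, _ in before}
    new = {(a, f) for a, f, _ in after}
    return {"fixed": sorted(old - new),
            "still_open": sorted(old & new),
            "new": sorted(new - old)}

if __name__ == "__main__":
    ranked, unknown = risk_assessment(BASELINE, SCAN)
    for score, asset, fid, sev in ranked:
        print(f"{score:>2}  {asset:<8} {sev:<8} {fid}")
    print("not in baseline:", unknown)
    print(verification(SCAN, RESCAN))
```

Findings that appear only in the re-scan feed the monitor phase, and findings on assets missing from the baseline send the process back to the first phase.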