Ethical Hacking - Vulnerability Analysis

Vulnerability assessment or analysis is a way of defining, identifying, and classifying security issues or bugs in a computer system or network. This is typically performed using vulnerability scanners, which are capable of identifying device configurations including the type of OS they are running, ports that are open, and the applications that are installed on the target system. With the help of vulnerability scanners, one can easily identify common misconfiguration flaws, accounts with weak or default passwords, unwanted or unused services, and files or directories with weak permissions. The accuracy and coverage of vulnerability assessment also depends on how the scan was performed, either authenticated or unauthenticated :

• Authenticated scan : The vulnerability scanner is provided with valid credentials for the target system (often those of an administrator/root user). This proves to be more effective since it opens up areas of the target system that need authentication. Hence the coverage or surface area of the vulnerability scan is significantly increased.

• Unauthenticated scan : This is a scan where no credentials for the target system are provided to the vulnerability scanner. Hence the scanner scans only those parts of the target system that don’t require any authentication. This results in limited scan coverage of the target system.