If your network is in any way connected to the Internet, the security of your network is being put to the test. Your Internet-facing servers are being probed by hackers looking for ways to damage your resources or steal them. It is important that no holes are left unplugged which would allow hackers easy access.

Each and every day, we hear news of hacks on high profile companies – the ones that have a lot of network assets, but also the budget to secure them. Most companies have a tight IT budget, which needs to be shared between new software and hardware purchases and securing these assets. Unfortunately, security is generally an afterthought and rarely given importance.

Wouldn’t it be great if you could gain an advantage by having access to the same information that hackers have when scanning your network? Acunetix Vulnerability Scanner uses the same techniques that hackers use to gather information about your Internet-facing servers. In the wrong hands, this data would allow an attacker to at the very least lay the base for an attack. In your hands, it would allow you to prioritize the work required to secure your servers.

Which Servers Should I Scan?

Start off by launching scans to the firewall or router that is hosted on your public IP address. This will automatically scan any services which are running on a different server, and which are exposed on the Internet via Port Address Translation.

In addition, if you have any services, such as a website, hosted on a server at a hosting provider, it would be a good idea to scan this server too. You might need to check with your hosting provider before you launch any scans.

Using the Acunetix Vulnerability Scanner, you can test both the security of the server and the security of any web applications running on the same server.

Will a Network Scan Affect the Performance of My Servers?

Security scans from Acunetix are designed so as to be the least obtrusive. Although the scan does probe your servers and services, the probing is not meant to damage or put your services offline. The performance of the server is minimally impacted during a network or web security scan.

What Information Should I Expect from an Acunetix Vulnerability Scanner Network Vulnerability Scan?

A network security scan will identify various vulnerabilities and will report on the information which is being exposed. The network scan results will include:

  1. Vulnerable versions of Operating Systems or other software which is running on the scanned target.
  2. Services using old versions of known protocols, such as older versions of SSL, which are deemed to be less secure than the newer ones.
  3. Services using default accounts and/or weak passwords, or where anonymous access is allowed.
  4. Services that are running vulnerable to DoS attacks, or configured in a way that would make them easy targets for DoS attacks.
  5. Unknown services running on an open port, which might indicate malware such as Trojans.
  6. Services that are exposing too much information, such as the version of the software being used, or any plugins that are installed with the service. This information can all come handy to the attacker, thus it would be ideal to disable your services from exposing too much information.
  7. Detection of proxy servers which might be used by the organization. Connections from these servers are generally trusted, and hackers often target these servers too as part of their attack.
  8. The disclosure of internal resources, such as internal IP address/hostnames, and or paths on the server being scanned.
  9. Detection of misconfigurations or vulnerabilities that might result in your servers being used as a launchpad for attacks against third-parties.
  10. The network scan also includes a full port scan, and each port identified is probed in great detail.

Should I Close All Open Ports Detected during a Network Scan?

A network security scan includes a port scan, which identifies all the ports on which a service is listening. You should identify which services are required on the scanned server, and close off any other ports. This can often be done by disabling the service listening on the specific port. You might also want to verify your firewall configuration to see why the specific service was being exposed to the Internet.

What Should I Do Once a Vulnerability Has Been Identified?

Resolving a vulnerability identified during a network scan depends on the vulnerability itself. In some situations, you just need to upgrade to the latest version of the operating system or software being used. In other cases, the solution would entail configuring the software correctly. In most cases, the Acunetix Vulnerability Scanner will provide suggestions on how to address the issue reported, and links to additional information.

SHARE THIS POST
THE AUTHOR
Nicholas Sciberras
Principal Program Manager
As the Principal Program Manager, Nicholas is passionate about IT security and technology at large. Prior to joining Acunetix in 2012, Nicholas spent 12 years at GFI Software, where he managed the email security and anti-spam product lines, led multiple customer service teams, and provided technical training.