Review the concept of free versus commercial scanners. Compare features such as mobile and network device assessments, continuous monitoring and predictive analysis of possible attack paths, while monitoring for compliance requirements. Lisa Bock demonstrates the home version of Nessus, to get a taste of the reporting that is done.
- [Voiceover] Many vulnerability scanners…began as open-source products,…but became commercially available…once the full potential was realized.…Although there is a fee for using a commercial scanner,…it's well worth it, as the products have…robust features and easy-to-use interfaces.…SAINT was once an open-source product,…but now is a commercial vulnerability assessment tool.…SAINT runs only on Linux and Mac OS.…However it does provide a number…of features in addition to vulnerability…assessments to ensure compliance.…
SAINT also provides mobile and network device assessments.…And a strong feature is that SAINT is capable…of communicating with Cisco's FireSIGHT,…which is risk data correlation,…and Cisco's Identity Services Engine.…Configuration assessments using…security content automation protocol…automates vulnerability management to ensure…compliance with a number of different regulations,…including PCI, FISMA, HIPAA and SOX,…and is tied to the National Vulnerability Database,…which is the US government's content repository…
This course investigates the scanning tools and techniques used to obtain information from a target system, including specially crafted packets, TCP flags, UDP scans, and ping sweeps. Lisa Bock discusses how hackers can identify live systems via protocols, blueprint a network, and perform a vulnerability scan to find weaknesses. She also introduces some of the tools and techniques that hackers use to counter detection via evasion, concealment, and spoofing. In addition, learn how to reduce the threat of tunneling, a method hackers use to circumvent network security.
Note: Our Ethical Hacking series maps to the 18 parts of the EC-Council Certified Ethical Hacker (CEH) exam (312_50). This course maps to the 03 Scanning Networks domain.
- Scanning overview
- Port scanning countermeasures
- Scanning and querying DNS
- Scanning with ICMP
- Mapping (or blueprinting) a network
- Scanning for vulnerabilities
- Using tools such as hping and NetScan
- Evading detection
- Concealing your network traffic
- Preventing tunneling
Skill Level Intermediate
1. Scanning Overview and Methodology
2. Identifying Live Systems Using Protocols
3. Blueprint the Network
4. Vulnerability Scanning
Commercial and free scanners3m 17s
5. Scanning Tools
6. Evading Detection
7. Concealing and Spoofing
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.