Shulou(Shulou.com)06/01 Report--

What this article shares to you is about Linux system vulnerability scanning and assessment tools, which the editor thinks is very practical, so I share it with you to learn. I hope you can get something after reading this article. Let's take a look at it with the editor.

1. Nmap

Nmap is a common tool that can be used to determine the layout of a network. We can use Nmap on the network to find host systems and open ports for those systems.

1. Install Nmap.

This article is only a brief introduction. For more help, please enter nmap-help on the command line or consult the relevant official (Nmap Free Security Scanner, Tools & Hacking resources) materials.

II. Nessus

Nessus is the most widely used system vulnerability scanning and analysis software in the world. In total, more than 75000 organizations use Nessus as software to scan the agency's computer systems. Nessus is a full-service security scanner. The plug-in structure of Nessus allows users to customize their systems and networks. Like other scanning software, Nessus can only play a role in the signature database on which it depends. Nessus is updated frequently and has comprehensive reporting, host scanning, and real-time vulnerability search capabilities. However, false positives and omissions may also occur in Nessus. This is a fee-based software that can be used for 7 days for ordinary users.

The official website is: Nessus Product Family

III. OpenVAS

OpenVAS (Open Vulnerability Assessment System, Open vulnerability Assessment system) is a set of tools and service systems that can be used for vulnerability scanning and comprehensive vulnerability management. The OpenVAS framework provides a number of web -, desktop -, and command-line-based tools to control the different components of the solution. The core function of OpenVAS is its security scanner, which can use more than 33000 daily updates of network vulnerability testing (NVT, Network Vulnerability Test). No subscription is required to use OpenVAS. In a later article, I will introduce the installation and use of this software in detail.

IV. Niktou

Nikto is an outstanding Universal Gateway Interface (CGI,common gateway interface) script scanner. Nikto can not only be used to check for CGI vulnerabilities, but also can be run in an evasive manner in order to avoid intrusion detection systems. The complete documentation provided by Nikto should be carefully checked before running the program. If you have a network server that provides CGI scripts, Nikto is a good resource for checking the security of such servers.

The above are the Linux system vulnerability scanning and assessment tools, the editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.