System scan is a network-based vulnerability scanner that is able to scan any system with an IP for common vulnerabilities.
System scan’s vulnerability detection is based on both active and passive vulnerability checks. For example, it will attempt to identify the service (product) and its version number. Once that is identified, the system scan checks if that particular software has any known vulnerabilities. In addition to passive scanning based on banner grabbing, system scans also run active checks in an attempt to confirm the existence of certain vulnerabilities or system misconfigurations. It can also identify missing security patches and outdated software if authenticated scanning has been enabled.
Note: System scan is non-disruptive and designed not to cause Denial of Service conditions on your systems.
When you start a system scan, it first performs a port scan of the target and once all the open ports (services) have been identified, they will be assessed for vulnerabilities. These are just some of the systems that can be scanned by the system scan:
- Web servers
- Email servers and gateways
- Routers and switches
- Domain controllers
- DNS servers
- Antivirus gateways
The checks that the scanner runs include the following:
- Detect services and operating systems discovery (UDP / TCP / ICMP)
- Testing for vulnerabilities and misconfigurations in services
- Testing for vulnerabilities and misconfigurations in operating systems
- Testing for vulnerabilities and misconfigurations in network devices
- Secure configuration testing (SSL / SSH)
- Default passwords discovery (operating systems / services / network devices)
All vulnerabilities are reported with a CVSSv2 score, CVE, BID, BugTraq, and other references when available.