Finding and fixing problems caused by vulnerability scanning

Security expert Raj Samani discusses what can be done when an organisation's vulnerability management program crashes corporate severs.

I have a vulnerability management program within my organisation, but it continually crashes one of my servers even though it's supposed to be non-intrusive. I now have stopped scanning that box, what other alternative is there?
Stopped scanning? Do you think potential attackers will avoid your system because a potential DOS condition occurs? No, they won't. You have to find out what application/service is the root cause of the problem and then either remove it, or upgrade it to a more stable version. Unfortunately, it may be a little painful because you have to undergo a process of elimination (e.g. scan one port, see if it happens again, or disable services and see if it happens) so the system may be up and down until you nail the problem. However I must stress that fixing the problem is important. Find out what is causing the problem, because if you have a vulnerable system, do nothing about and a serious incident happens, guess who will be held accountable?
This was last published in May 2008

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.






  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...