Finding and fixing problems caused by vulnerability scanning

Security expert Raj Samani discusses what can be done when an organisation's vulnerability management program crashes corporate servers.

I have a vulnerability management program within my organisation, but it continually crashes one of my servers even though it's supposed to be non-intrusive. I have now stopped scanning that box; what other alternative is there?
Stopped scanning? Do you think potential attackers will avoid your system because a potential DoS condition occurs? No, they won't. You have to find out what application/service is the root cause of the problem and then either remove it, or upgrade it to a more stable version. Unfortunately, it may be a little painful because you have to undergo a process of elimination (e.g. scan one port, see if it happens again, or disable services and see if it happens), so the system may be up and down until you nail the problem. However, I must stress that fixing the problem is important. Find out what is causing the problem, because if you have a vulnerable system, do nothing about it and a serious incident happens, guess who will be held accountable?
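The process of elimination described in the answer (probe one port, check whether the box is still up, move on) can be scripted so that each outage is tied to the exact probe that preceded it. The following is an added example and not part of the original article or of any scanner product: it sends a plain TCP connect to one port at a time, confirms after every probe that a port known to be normally open (assumed here to be SSH on 22) still answers, waits for the host to come back, and records every port whose probe was followed by loss of availability. The `FakeTarget` class, the port range 9000-9009 and the "bad" port 9005 are constructed for the offline demonstration; the host name, the management port and all function names are assumptions.

```python
"""Added example (not from the original article): attribute a scan-induced
outage to the single probe that preceded it, one port at a time.
All names, hosts and ports below are assumptions or constructed test data."""
import socket
import time
from typing import Callable, Iterable, List


def tcp_probe(host: str, port: int, timeout: float = 2.0) -> bool:
    """Least-intrusive scan step: a bare TCP connect, then close.
    Returns True if the port accepted the connection."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def tcp_alive(host: str, mgmt_port: int = 22, timeout: float = 2.0) -> bool:
    """Availability check: reach a port that is normally open on the box
    (assumed: SSH on 22). Losing it right after a probe means the host went down."""
    try:
        with socket.create_connection((host, mgmt_port), timeout=timeout):
            return True
    except OSError:
        return False


def wait_until_alive(is_alive: Callable[[], bool],
                     attempts: int = 30, delay: float = 10.0) -> bool:
    """Poll the availability check until the host is back or we give up."""
    for _ in range(attempts):
        if is_alive():
            return True
        time.sleep(delay)
    return False


def find_crash_triggers(ports: Iterable[int],
                        probe: Callable[[int], bool],
                        is_alive: Callable[[], bool],
                        recover: Callable[[], bool]) -> List[int]:
    """Probe each port in turn; after every probe confirm the host still
    answers. Each port whose probe is followed by loss of availability is
    recorded; scanning resumes once recover() reports the host is back.
    Returns the list of triggering ports (empty if nothing fell over)."""
    if not is_alive():
        raise RuntimeError("target not reachable before scanning started")
    triggers: List[int] = []
    for port in ports:
        probe(port)
        if is_alive():
            continue
        triggers.append(port)  # this probe preceded the outage
        if not recover():
            raise RuntimeError(f"host did not recover after probing port {port}")
    return triggers


class FakeTarget:
    """CONSTRUCTED stand-in for a real host so the example runs offline:
    it 'goes down' when one particular port is probed."""

    def __init__(self, bad_port: int) -> None:
        self.bad_port = bad_port
        self.up = True

    def probe(self, port: int) -> bool:
        if port == self.bad_port:
            self.up = False
        return True

    def alive(self) -> bool:
        return self.up

    def recover(self) -> bool:
        self.up = True  # pretend the service was restarted
        return True


def demo() -> List[int]:
    """Constructed run: ports 9000-9009, with 9005 as the port that 'crashes' the box."""
    target = FakeTarget(bad_port=9005)
    return find_crash_triggers(range(9000, 9010), target.probe, target.alive, target.recover)


if __name__ == "__main__":
    # Offline demonstration; against a real host you would instead pass
    # lambda p: tcp_probe(HOST, p), lambda: tcp_alive(HOST), and
    # lambda: wait_until_alive(lambda: tcp_alive(HOST)).
    print("ports whose probe preceded an outage:", demo())
```

Against a real box the same loop is used with `tcp_probe`, `tcp_alive` and `wait_until_alive` bound to the host name; the output is the short list of ports to compare against the process listing, which is the starting point for the remove-or-upgrade decision the answer recommends.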

