2.3 Commercial Network Scanning Tools

Commercial scanning packages are used by many network administrators and those responsible for the security of large networks. Although not cheap (with software licenses often in the magnitude of tens of thousands of dollars), commercial systems are supported and maintained by the respective vendor, so vulnerability databases are kept up-to-date. With this level of professional support, a network administrator can assure the security of his network to a certain level.

Here's a selection of popular commercial packages:

  • Core IMPACT (http://www.corest.com/products/coreimpact/)

  • ISS Internet Scanner (http://www.iss.net)

  • Cisco Secure Scanner (http://www.cisco.com/warp/public/cc/pd/sqsw/nesn/)

A problem with such one-stop automated vulnerability assessment packages is that increasingly, they record false positive results. When professionally scanning large networks, it is often advisable to use a commercial system such as ISS Internet Scanner to perform an initial bulk scanning and network service assessment of a network, then fully qualify vulnerabilities and investigate network components by hand to produce accurate results.