Remote Scan vulnerability for cloud security

This article describes the benefits of using remote vulnerability scanning services in the cloud. This service can be loaded by any system from anywhere, as if a remote entity managed by a third party. The Open Source Vulnerability analysis tool can help open, comprehensive review of cloud security. Vulnerability analysis is only part of ensuring server security. Clearly, it is a big step in the right direction to precisely define a vulnerability assessment policy.


　　


1, Introduction


　　


for any security policy, vulnerability assessment is an important aspect. Now, attacks on Internet hosts are increasingly driven by interest, so they are more cunning and more widely distributed.


　　


It seems a lot harder to protect all the Web servers, but most of the attacks that hackers initiate can be avoided.


　　

The
server configuration does not meet the requirements or the tools used are not updated and can easily lead to a large number of Internet servers being attacked. Because hackers are easy to find and exploit server vulnerabilities. It is not difficult to make sure that the server is up to date and there are no configuration errors, but these tasks are ignored due to time constraints.


　　

The
vulnerability assessment helps identify errors in the server's security configuration and also helps to uncover software vulnerabilities that require patches to be installed.


　　


can help your organization achieve scale benefits by leveraging remote vulnerability assessments in the cloud. Because configuration and management assessment tools do not require expertise, you can also assess your organization's vulnerabilities.


　　


2, an increasingly serious threat scenario


　　

The simplification of
attack automation and access exploits is the main reason why servers are increasingly threatened. In fact, if you want to prove how easy it is, you can access http://www.milw0rm.com, select a recent Web application vulnerability, and then enter "Googledork" in Google--for example, " Poweredbyscriptname ", in five minutes, look at all the pages on the server you can find how many vulnerabilities.


　　


3, the common carrier of the loophole


　　


3.1 improperly configured server


　　


confusing file permissions, improperly configured Web or email servers, or when the time is ticking, you're still stuck in a temporary patch update--improperly configured servers are everywhere, and often because time constraints aren't too much to consider, making it even a system administrator.


　　


3.2 Software has not been updated


　　


server operating systems and applications need to be updated, which is not optional. With Windows Updates, yum, and apt tools, you can help update reduce a large number of host vulnerabilities, but many hosts will still be ignored. This is only a matter of time when a faulty service is discovered and the system suffers.


　　


3.3 Web Script


　　


PHP and ASP applications and scripts are an effective way to implement Web page dynamics, but when there is a security update available, such as the operating system and software must be guaranteed to be updated. A good example of this is WordPress blog software, we chose WordPress not because it is particularly unsafe, but because it represents a widely popular script--once exposed some dangerous security vulnerabilities in the past. These scripts need to be constantly updated because they are easy to ignore-until your blog is attacked and you embed a malicious page to attack your browsing user.


　　


3.4 Password is not safe


　　


on the Internet is essential to use strong passwords, viewing the host and internet records is a very simple thing, it is also easy to find how long the system will probably be brute force attack once. Brute force attacks can jeopardize many service items, including Ssh,rdp,ftp,web forms and VNC.


12 Next