SYSTEM AND METHOD FOR DETECTING SERVER VULNERABILITY

US 20100235917A1
Filed: 05/22/2009
Published: 09/16/2010
Est. Priority Date: 05/22/2008
Status: Abandoned Application

First Claim

Patent Images

1. A system for detecting vulnerability of servers, comprising:

a check server, wherein the check server collects response information received from one or more service servers in response to at least one predetermined command and detects vulnerabilities of the one or more service servers based on the collected response information;

an administration terminal, wherein the administration terminal displays results of detecting vulnerabilities of the service servers; and

a database, wherein the database stores pattern information concerning the vulnerabilities of the service servers.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for detecting vulnerability of a server are provided. One system includes: a check server for collecting response information with respect to at least one predetermined command from one or more service servers that provide service, and thus may be attacked from outside, and detecting and analyzing vulnerabilities of the service servers based on the collected response information; an administration terminal for displaying the results of detecting and analyzing the vulnerabilities of the service servers; and a database for storing and managing pattern information concerning the detected vulnerabilities. One method includes identifying a server that may be attacked by port scanning, receiving response information with respect to at least one predetermined command from the identified server, detecting and analyzing vulnerability of the server based on the response information, and reporting the result of the detection to an administration terminal.

68 Citations

View as Search Results

27 Claims

1. A system for detecting vulnerability of servers, comprising:
- a check server, wherein the check server collects response information received from one or more service servers in response to at least one predetermined command and detects vulnerabilities of the one or more service servers based on the collected response information;
  
  an administration terminal, wherein the administration terminal displays results of detecting vulnerabilities of the service servers; and
  
  a database, wherein the database stores pattern information concerning the vulnerabilities of the service servers.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The system of claim 1, wherein the check server performs port scanning on a plurality of network servers, identifies the one or more service servers from among the plurality of network servers, and transmits the at least one predetermined command to the one or more service servers,wherein the one or more service servers are identified because according to a result of the port scanning the check server determines that the one or more service servers may be attacked from outside.
  - 3. The system of claim 2, wherein one of the one or more service servers is identified because according to the result of the port scanning the check server determines that at least one port on the one of the one or more service servers is open.
  - 4. The system of claim 1, wherein the check server compares the response information with pattern information stored in the database and detects and analyzes the vulnerability of one of the one or more service servers according to a result of the comparison.
  - 5. The system of claim 1, wherein one of the at least one predetermined command is selected from the group consisting of a command requesting access authorization to a service server, a command requesting access to the service server, and a command requesting a specific response.

6. A system for detecting vulnerability of servers, comprising:
- a scanner for identifying at least one service server that provides service and thus may be attacked from outside;
  
  a collector for collecting response information received from the at least one service server in response to one or more predetermined commands; and
  
  an analyzer for detecting and analyzing vulnerability of the at least one service server based on the collected response information.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The system of claim 6, wherein the scanner performs port scanning on a plurality of network servers and according to a result of the port scanning identities a service server from among the plurality of network servers whose at least one port is open as one of the at least one service server that provides service and thus may be attacked from outside.
  - 8. The system of claim 6, wherein the collector sequentially transmits the one or more predetermined commands to the at least one service server.
  - 9. The system of claim 6, wherein the analyzer compares the response information with pattern information stored in a database and detects and analyzes the vulnerability of one of the at least one service server according to a result of the comparison.
  - 10. The system of claim 6, wherein the analyzer stores a result of detecting and analyzing the vulnerability of the at least one service server in a database, provides the result to an administration terminal such that an administrator can check the result, or transmits a notification message based on the result to the administrator.

11. A method of detecting vulnerability of servers, comprising:
- storing, in a database, pattern information concerning vulnerabilities corresponding to one or more service servers;
  
  collecting, at a check server, response information from at least one service server in response to at least one predetermined command;
  
  detecting and analyzing, at the check server, vulnerability of the at least one service server based on the collected response information; and
  
  displaying, at an administration terminal, a result of detecting and analyzing the vulnerability of the service server.
- View Dependent Claims (12, 13, 14)
- - 12. The method of claim 11, wherein the detecting and analyzing of the vulnerability of the at least one service server comprises:
    - performing port scanning on a plurality of network servers;
      
      determining, based on a result of the port scanning, that the at least one service server, among the plurality of network servers scanned, may be attacked from outside;
      
      transmitting the at least one predetermined command to the at least one service server;
      
      collecting the response information from the at least one service server in response to the at least one predetermined command; and
      
      detecting and analyzing the vulnerability of the at least one service server based on the collected response information.
  - 13. The method of claim 12, wherein the determining step comprises finding that at least one port on the at least one service server is open.
  - 14. The method of claim 11 wherein the detecting and analyzing of the vulnerability of the at least one service server comprises comparing the response information with the pattern information stored in the database and detecting and analyzing the vulnerability of the at least one service server according to a result of the comparison.

15. A method of detecting vulnerability of a server, comprising:
- identifying a service server that provides service and thus may be attacked from outside;
  
  collecting response information from the identified service server in response to one or more predetermined commands; and
  
  detecting vulnerability of the service server based on the collected response information.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method of claim 15, wherein the identifying of the service server comprises:
    - performing port scanning on a plurality of network servers; and
      
      determining, based on a result of the port scanning, that the service server, among the plurality of network servers scanned, may be attacked from outside.
  - 17. The method of claim 15, further comprising sequentially transmitting the one or more predetermined commands to the identified service server.
  - 18. The method of claim 15, wherein the detecting and analyzing of the vulnerability of the service server comprises:
    - comparing the response information with pattern information stored in a database; and
      
      detecting and analyzing the vulnerability of the service server according to a result of the comparison.
  - 19. The method of claim 15, further comprising storing the result of detecting and analyzing the vulnerability of the service server in a database, providing the result to an administration terminal such that an administrator can check the result, or transmitting a notification message based on the result to the administrator.

20. One or more computer-readable media having computer-useable instructions embodied thereon for performing a method of detecting vulnerability of servers, the method comprising:
- storing, in a database, pattern information concerning vulnerabilities corresponding to one or more service servers;
  
  collecting, at a check server, response information from at least one service server in response to at least one predetermined command;
  
  detecting and analyzing, at the check server, vulnerability of the at least one service server based on the collected response information; and
  
  displaying, at an administration terminal, a result of detecting and analyzing the vulnerability of the service server.
- View Dependent Claims (21, 22)
- - 21. The media of claim 20, wherein the detecting and analyzing of the vulnerability of the at least one service server comprises:
    - performing port scanning on a plurality of network servers;
      
      determining, based on a result of the port scanning, that at least one port on the at least one service server is open;
      
      transmitting the at least one predetermined command to the at least one service server;
      
      collecting the response information from the at least one service server in response to the at least one predetermined command; and
      
      detecting and analyzing the vulnerability of the at least one service server based on the collected response information.
  - 22. The media of claim 20, wherein the detecting and analyzing of the vulnerability of the at least one service server comprises comparing the response information with the pattern information stored in the database and detecting and analyzing the vulnerability of the at least one service server according to a result of the comparison.

23. One or more computer-readable media having computer-useable instructions embodied thereon for performing a method of detecting vulnerability of a server, the method comprising:
- identifying a service server that provides service and thus may be attacked from outside;
  
  collecting response information from the identified service server in response to one or more predetermined commands; and
  
  detecting vulnerability of the service server based on the collected response information.
- View Dependent Claims (24, 25, 26, 27)
- - 24. The media of claim 23, wherein the identifying of the service server comprises:
    - performing port scanning on a plurality of network servers; and
      
      determining, based on a result of the port scanning, that the service server, among the plurality of network servers scanned, may be attacked from outside.
  - 25. The media of claim 23, wherein the method further comprises sequentially transmitting the one or more predetermined commands to the identified service server.
  - 26. The media of claim 23, wherein the detecting and analyzing of the vulnerability of the service server comprises:
    - comparing the response information with pattern information stored in a database; and
      
      detecting and analyzing the vulnerability of the service server according to a result of the comparison.
  - 27. The media of claim 23, wherein the method further comprises storing the result of detecting and analyzing the vulnerability of the service server in a database, providing the result to an administration terminal such that an administrator can check the result, or transmitting a notification message based on the result to the administrator.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
eBay Korea Co., Ltd. (E-Mart, Inc.)
Original Assignee
eBay Korea Co., Ltd. (E-Mart, Inc.)
Inventors
Ko, Chang Sup, Kim, Dong Hyun, Ku, Young Bae, Park, Eui Won, Lee, Seung Wan, Jung, Ho Jin, Jin, Sung Hoon

Application Number

US12/471,021
Publication Number

US 20100235917A1
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

H04L 63/1433 Vulnerability analysis

SYSTEM AND METHOD FOR DETECTING SERVER VULNERABILITY

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

68 Citations

27 Claims

Specification

Use Cases

Quick Links

Others

SYSTEM AND METHOD FOR DETECTING SERVER VULNERABILITY

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

68 Citations

27 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others