System, method and computer program product for improved efficiency in network assessment utilizing a port status pre-qualification procedure
Abstract
A system, method and computer program product are provided for minimizing the duration of a risk-assessment scan. Initially, a plurality of risk-assessment modules are selected each including vulnerability checks associated with a risk-assessment scan. Thereafter, a first set of ports is determined. Such first set of ports is required for communicating with network components subject to the risk-assessment modules associated with the risk-assessment scan. A port scan is subsequently executed on the first set of ports. Based on such port scan, a second set of ports is determined which includes ports unavailable for communicating with the network components subject to the risk-assessment modules associated with the risk-assessment scan. The risk-assessment modules associated with the second set of ports may then be disabled to minimize the duration of the risk-assessment scan.
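The pre-qualification procedure from the abstract and claims, written out as an added Python example (not code from the patent or from any product that implements it). The module catalogue, the two hosts and their reachability table are constructed; the live port scan is replaced by a lookup in that table so the script runs offline.

```python
"""Port-status pre-qualification of a vulnerability scan (constructed example)."""
from dataclasses import dataclass
from typing import Callable, Iterable, List, Set, Tuple
FULL_PORT_RANGE = 65_536  # size of the blanket port scan the procedure avoids

@dataclass(frozen=True)
class RiskModule:
    """A risk-assessment module: a bundle of checks that talks to one port."""
    name: str
    port: int

# Hypothetical module catalogue; names and port assignments are constructed.
MODULES = [
    RiskModule("ssh-weak-ciphers", 22),
    RiskModule("smtp-open-relay", 25),
    RiskModule("http-default-creds", 80),
    RiskModule("https-tls-config", 443),
    RiskModule("smb-null-session", 445),
    RiskModule("mysql-anon-login", 3306),
]

# Constructed reachability table standing in for the live network:
# host -> ports that accept a connection. No packets are sent.
SIMULATED_NETWORK = {
    "10.0.0.5": {22, 80, 443},
    "10.0.0.6": {22, 445},
}

def simulated_probe(host: str, port: int) -> bool:
    """Stand-in for a TCP connect probe against one host/port."""
    return port in SIMULATED_NETWORK.get(host, set())
Plan = Tuple[List[RiskModule], List[RiskModule], Set[int], int, int]

def prequalify(modules: Iterable[RiskModule], hosts: List[str],
               probe: Callable[[str, int], bool]) -> Plan:
    """Steps b-f of the procedure: decide which modules can run at all."""
    modules = list(modules)
    first = {m.port for m in modules}                          # ports the modules need
    third = {p for h in hosts for p in first if probe(h, p)}   # open on at least one host
    second = first - third                                     # open on no host
    enabled = [m for m in modules if m.port in third]
    disabled = [m for m in modules if m.port in second]        # skipped: nothing to talk to
    probes_sent = len(hosts) * len(first)
    probes_avoided = len(hosts) * FULL_PORT_RANGE - probes_sent
    return enabled, disabled, third, probes_sent, probes_avoided

if __name__ == "__main__":
    en, dis, _, sent, avoided = prequalify(MODULES, list(SIMULATED_NETWORK), simulated_probe)
    print("run:", [m.name for m in en], "skip:", [m.name for m in dis])
    print(f"probes sent: {sent}, probes avoided: {avoided}")
```

With the constructed table, the SMTP and MySQL modules are disabled because no host answers on 25 or 3306, and only 12 probes are sent instead of 131,072.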
15 Claims
1. A method of minimizing the duration of a risk-assessment scan, comprising:
a) selecting a plurality of risk-assessment modules for execution during a risk-assessment scan, the risk-assessment modules each including vulnerability checks, and requiring communication via at least one predetermined port;
b) determining a set of ports for communicating with a select number of network components;
c) executing a port scan of only the set of ports associated with the selected risk-assessment modules and the network components, for reducing the number of ports scanned during the port scan, wherein latency is reduced since a port scan involving 65,536 ports is avoided;
d) modifying the set of ports based on the port scan, the set of ports being modified to include only ports available for communicating with the network components;
e) comparing the port associated with each selected risk-assessment module with the modified set of ports; and
f) conditionally disabling the execution of the risk-assessment modules based on the comparison to minimize the duration of the risk-assessment scan.

2. A computer program product embodied on a computer readable medium for minimizing the duration of a risk-assessment scan, comprising:
a) computer code for selecting a plurality of risk-assessment modules for execution during a risk-assessment scan, the risk-assessment modules each including vulnerability checks, and requiring communication via at least one predetermined port;
b) computer code for determining a set of ports for communicating with network components;
c) computer code for executing a port scan of the set of ports associated with the selected risk-assessment modules and the network components, for reducing the number of ports scanned during the port scan, wherein latency is reduced since a port scan involving 65,536 ports is avoided;
d) computer code for modifying the set of ports based on the port scan, the set of ports being modified to include only ports available for communicating with the network components;
e) computer code for comparing the port associated with each selected risk-assessment module with the modified set of ports; and
f) computer code for conditionally disabling the execution of the risk-assessment modules based on the comparison to minimize the duration of the risk-assessment scan.

3. A method of minimizing the duration of a risk-assessment scan, comprising:
a) selecting a plurality of risk-assessment modules each including vulnerability checks associated with a risk-assessment scan, and requiring communication via at least one predetermined port;
b) determining a first set of ports required for communicating with network components subject to the risk-assessment modules associated with the risk-assessment scan;
c) executing a port scan of only the first set of ports associated with the selected risk-assessment modules, for reducing the number of ports scanned during the port scan, wherein latency is reduced since a port scan involving 65,536 ports is avoided;
d) determining a second set of ports based on the port scan, the second set of ports being unavailable for communicating with the network components subject to the risk-assessment modules associated with the risk-assessment scan;
e) disabling the risk-assessment modules associated with the second set of ports to minimize the duration of the risk-assessment scan;
f) storing a third set of ports including the first set of ports and excluding the second set of ports; and
g) comparing the port associated with each risk-assessment module with the stored third set of ports;
h) wherein the risk-assessment module is disabled if the port associated with the risk-assessment module does not match at least one port of the stored third set of ports.
Dependent claims 4, 5, 6 and 7 are not shown.

8. A computer program product embodied on a computer readable medium for minimizing the duration of a risk-assessment scan, comprising:
a) computer code for selecting a plurality of risk-assessment modules each including vulnerability checks associated with a risk-assessment scan, and requiring communication via at least one predetermined port;
b) computer code for determining a first set of ports required for communicating with network components subject to the risk-assessment modules associated with the risk-assessment scan;
c) computer code for executing a port scan of the first set of ports associated with the selected risk-assessment modules, for reducing the number of ports scanned during the port scan, wherein latency is reduced since a port scan involving 65,536 ports is avoided;
d) computer code for determining a second set of ports based on the port scan, the second set of ports being unavailable for communicating with the network components subject to the risk-assessment modules associated with the risk-assessment scan;
e) computer code for disabling the risk-assessment modules associated with the second set of ports to minimize the duration of the risk-assessment scan;
f) computer code for storing a third set of ports including the first set of ports and excluding the second set of ports; and
g) computer code for comparing the port associated with each risk-assessment module with the stored third set of ports;
h) wherein the risk-assessment module is disabled if the port associated with the risk-assessment module does not match at least one port of the stored third set of ports.
Dependent claims 9, 10 and 11 are not shown.

12. A system for minimizing the duration of a risk-assessment scan, comprising:
a) logic for selecting a plurality of risk-assessment modules each including vulnerability checks associated with a risk-assessment scan, and requiring communication via at least one predetermined port;
b) logic for determining a first set of ports required for communicating with network components subject to the risk-assessment modules associated with the risk-assessment scan;
c) logic for executing a port scan of only the first set of ports associated with the selected risk-assessment modules, for reducing the number of ports scanned during the port scan, wherein latency is reduced since a port scan involving 65,536 ports is avoided;
d) logic for determining a second set of ports based on the port scan, the second set of ports being unavailable for communicating with the network components subject to the risk-assessment modules associated with the risk-assessment scan;
e) logic for disabling the risk-assessment modules associated with the second set of ports to minimize the duration of the risk-assessment scan;
f) logic for storing a third set of ports including the first set of ports and excluding the second set of ports; and
g) logic for comparing the port associated with each risk-assessment module with the stored third set of ports;
h) wherein the risk-assessment module is disabled if the port associated with the risk-assessment module does not match at least one port of the stored third set of ports.
Dependent claims 13, 14 and 15 are not shown.

Specification