System and method for network vulnerability detection and reporting
First Claim
1. A system for determining whether a target computer is on a network, the system comprising:
- a first set of port identifiers stored in a computer-readable medium, each of said first set of port identifiers representing a port used by computers to receive data packets compliant with a first protocol of said network, each of said first set of port identifiers representing a port associated with known network services;
a first set of data packets, each directed to a port represented by at least one of said first set of port identifiers, each of said first set of data packets compliant with said first protocol and transmitted to said target computer via said network;
a first set of acknowledgement packets received via said network in response to said transmission of said first set of data packets; and
a list of host identifiers, each host identifier representing a computer on said network that transmits data in response to a packet sent to said respective computer, a host identifier representing said target computer added to said list of host identifiers if said first set of acknowledgment packets indicates a responsiveness of said target computer;
a second set of port identifiers stored in a computer-readable medium, each of said second set of port identifiers representing a port used by computers to receive data packets compliant with a second protocol of said network, each of said second set of port identifiers representing a port associated with known network services;
a second set of data packets, each directed to a port represented by at least one of said second set of port identifiers, each of said second set of data packets compliant with said second protocol and transmitted to said target computer via said network, at least one of said second set of data packets including data associated with said known network services;
a second set of acknowledgement packets received via said network in response to said transmission of said second set of data packets; and
a host identifier representing said target computer added to a second list of host identifiers if said second set of acknowledgment packets indicates a responsiveness of said target computer, wherein each of said second list host identifier in said second list represents a computer not know to be unresponsive.
10 Assignments
0 Petitions
Accused Products
Abstract
A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities on target ports, active assessment of vulnerabilities based on information acquired from target computers, quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report. The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing.
-
Citations
8 Claims
-
1. A system for determining whether a target computer is on a network, the system comprising:
-
a first set of port identifiers stored in a computer-readable medium, each of said first set of port identifiers representing a port used by computers to receive data packets compliant with a first protocol of said network, each of said first set of port identifiers representing a port associated with known network services; a first set of data packets, each directed to a port represented by at least one of said first set of port identifiers, each of said first set of data packets compliant with said first protocol and transmitted to said target computer via said network; a first set of acknowledgement packets received via said network in response to said transmission of said first set of data packets; and a list of host identifiers, each host identifier representing a computer on said network that transmits data in response to a packet sent to said respective computer, a host identifier representing said target computer added to said list of host identifiers if said first set of acknowledgment packets indicates a responsiveness of said target computer; a second set of port identifiers stored in a computer-readable medium, each of said second set of port identifiers representing a port used by computers to receive data packets compliant with a second protocol of said network, each of said second set of port identifiers representing a port associated with known network services; a second set of data packets, each directed to a port represented by at least one of said second set of port identifiers, each of said second set of data packets compliant with said second protocol and transmitted to said target computer via said network, at least one of said second set of data packets including data associated with said known network services; a second set of acknowledgement packets received via said network in response to said transmission of said second set of data packets; and a host identifier representing said target computer added to a second list of host identifiers if said second set of acknowledgment packets indicates a responsiveness of said target computer, wherein each of said second list host identifier in said second list represents a computer not know to be unresponsive. - View Dependent Claims (2, 3, 4)
-
-
5. A method, comprising:
-
storing a first set of port identifiers in a computer-readable medium utilizing a computer, each of said first set of port identifiers representing a port used by computers to receive data packets compliant with a first protocol of said network, each of said first set of port identifiers representing a port associated with known network services; directing each of a first set of data packets to a port represented by at least one of said first set of port identifiers, each of said first set of data packets compliant with said first protocol and transmitted to said target computer via said network; receiving a first set of acknowledgement packets via said network in response said transmission of said first set of data packets; maintaining a list of host identifiers, each host identifier representing a computer on said network that transmits data in response to a packet sent to said respective computer, a host identifier representing said target computer added to said list of host identifiers if said first set of acknowledgment packets indicates a responsiveness of said target computer; storing a second set of port identifiers in a computer—
readable medium, each of said second set of port identifiers representing a port used by computers to receive data packets compliant with a second protocol of said network, each of said second set of port identifiers representing a port associated with known network services;directing each of a second set of data packets to a port represented by at least one of said second set of port identifiers, each of said second set of data packets compliant with said second protocol and transmitted to said target computer via said network, at least one of said second set of data packets including data associated with said known network services; receiving a second set of acknowledgement packets via said network in response to said transmission of said second set of data packets; and adding a host identifier representing said target computer to a second list of host identifiers if said second set of acknowledgment packets indicates a responsiveness of said target computer, wherein each of said second list host identifier in said second list represents a computer not know to be unresponsive. - View Dependent Claims (6, 7, 8)
-
Specification