| The rapid development of the information technology brings great benefit to the people, at the same time, it brings more threats. So, the problems of network security are paid more attention to and become key points of network security. The security vulnerability scan technology is able to examine the latent security vulnerability and enables the network administrator to understand in advance where the vulnerability is. In this way the network system will be safe.At present, there are many vulnerability scanners, but some deficiencies exist at the same time. For example, the report of scan result can be filched easily, the existing port scan leaves trace on destination host, the scan speed becomes low because of transferring the whole plugin while doing vulnerability scan and so on. According to the deficiency of existing system, the model of network vulnerability scan system based on port scan and plugin is proposed in this paper. The verifiable partial key escrow algorithm based on RSA is improved, the participation of the user can obtain private key, consequently, it makes sure the safety of file transmission. Based on the existing port scan technology, disguise partition port scan is proposed in this paper, scan host sends out data package to destination host making use of the address of the disguise host, and sending out data package after partitioning, consequently, this scan can pass through fire wall. The existing plugin structure is improved in the paper, so that it need not transfer the whole plugin while scanning. By transferring the fitting plugin which is based on former detected operation system category, the scanning efficiency can be enhanced.At last the article analyzes the functions and components of vulscan system which is implemented in the article. The system works fine whether the scan target is a single host or a network. |
PDF Full Text Request