| Since 70's, in application and in popularization foundation, take computer network as main body information management system rapid development, computer application also gradually to network development.The network information system is the collection correspondence, the computer and the information processing in a body, is the modern society essential foundation.After the computer application develops the network stage, the information security technology obtains the rapid development, the original computer security question increased many new contents.Compares with beforehand computer security , the computer network safety work question must many, also complex many, involves to the physical environment, the hardware, the software, the data, the transmission, the architecture and so on each aspect. Except the traditional safe security theory, technical and outside the single plane security problem, the computer network safety work has included the computer security, the communications security, the access control security, as well as the safety control and the legal sanction and so on many contents, and form the independent discipline system gradually.While the computer and Internet fast development, the data message already was in the network the most precious resources, on the net divulges secrets, divulges a secret, steals secrets and the dissemination harmful information event sometimes occurs. Once in the network transmits the user information intends to steal, the interpolation, then creates regarding the user and enterprise itself the loss all is inestimable.Regardless of is regarding these huge service provider's network, as an enterprise's some business agency's local area network, the data security implementation is as slightly imminent.The present era, the information is one of national most important resources, the information and the network utilization also is the 21st century national strength symbol, take the network as the carrier, the information resource changed the traditional property operation pattern for the core new economy, does not have each kind of information support, enterprise's survival and the development space can be restricted. Not only the information importance causes him to face is coming from the challenge which various aspects emerge one after another incessantly, therefore, needs to perform to the information property to protect properly.Just like Chinese Academy of engineering Chair Xu Kuangdi said that,"The safe project has not been the jerry-built projects".Information similar need safety engineering. But the people gradually realized in reality solves the information security question key to the science management.The information security connotation also in unceasing extending, develops from the initial information secrecy to the information integrity, the usability, the controllability and undeniable, then the development is"attacks (attack), guards against (guard), measured (examination), controls (control), the tube (management), comments (appraisal)"and so on the various basic theory and the implementation technology.Scanning procedures by security experts to assess the safety system is the direction of the development of modern network security a hot topic. The earliest security scanning procedure is simple scan testing of all items set out the results of the implementation, testing, provided directly to the information without any analytical processing. But the current mature sweeping system all can reorganize to the single main engine scan result, forms the report form, can and proposes some solution to the concrete loophole, but lacks an overall appraisal to the network condition, does not have the system solution to the network security. Not only the future safe sweeping system, will be supposed to be able to scan the security loophole, but also will be able to intellectualize the assistance network information system administrative personnel appraised this network the security condition, will give the safe suggestion, will become a security evaluation expert system.Also some item can not but raise is the risk assessment.The risk assessment work is one item time-consuming, needs the manpower support as well as the correlation specialty or the professional knowledge support work.Usually, this work completes by specialized consultant, these consultants may be come from the organization which appraised may also come from the consultant firm, these have specialized quality consultant to play the vital role in the risk assessment. In order to is the risk assessment work can widely develop in all the various trades and occupations, the risk assessment tool is called the indispensable technical support method.At present, many organizations act according to some safety control guide and labelling develop the risk assessment tool, carried on for the risk assessment has provided the convenient condition. Through this article analysis, may see the risk assessment tool to pass through a period of time development, from based on standard of security to based on expert system, from qualitative analysis to semi-quantitative decision-making, unceasing satisfied people's need.But the risk assessment tool consummation also needs very long period of time, the comprehensive survey these tool present situation, but also has many problems, how like can the tool utilization result reflect the objective essence, how does measure, the tool use effectively how can synthesize the coordination and so on. At the same time, our country also is at the seed stage in the risk assessment tool development aspect, does not have the formation risk assessment tool.Therefore we should in the enhancement risk assessment theory foundation, be possible to send out have the proprietary intellectual property rights risk assessment tool.Vulnerability scanning technology is an emerging technology, it from another angle solve network security problems. Specifically, firewall technology is a passive defense, and vulnerability scanning technology is active defense. With firewall, intrusion detection, and other technical than it from another angle to solve network security problems. In this paper, network security scanning technology and its port vulnerability scanning technology includes a number of specific content, and explains and analysis. Along with the development of networks and the core further revision, and new scanning technology to scan the loopholes in the invasion of the birth of new defense technologies will be, but a date has not yet fully mature and efficient vulnerability scanning defense technology; At the same time, vulnerability scanning for all-encompassing loophole, but loopholes the number continues to increase. The current loopholes scanning technology, will combine artificial intelligence, pattern recognition, and other knowledge to be gradually improving, but the loopholes in automated scanning not be fully achieved, and new problems will continue to emerge, network security scanning technology remains to be further studied and improved.This article through sweeps the surface security scanner to the loophole, the risk assessment as well as the vulnerable appraisal and so on the various proof safe scanning technology network security importance.Thus deeper proof network security to now society's importance, with network extant question to all the various trades' and occupations' hazardous nature. Simultaneously penetrates the security scanner which studies grows from this, has made thorough and the thorough investigation to the security scanner production and the development, through the section time understanding and the research, has clarified the security scanner principle of work and the flow, gained quantity experience and knowledge; Simultaneously had also discovered such as the scanning hit probability, the latent loophole discovered and the recovery question gets unhooked and so on a series of modern scanner malpractice and the insufficiency, in the short time research is insufficient to make up these questions is a this research regret, I can in the thereafter research a bluer rosy cloud with this aspect research and the practice, hoped might soon develop a better more specialized tool, also hoped the network security question might soon be under the control fundamentally to be able to solve. |
PDF Full Text Request