Design And Implementation Of The Security Vulnerability Detection System Based On Port Scanning

The problems of network security arouse more people's widespread interest and become the key points of network engineering research. The security vulnerability is the flaw which is in the hardware, software or the security policy. The hacker may use this flaw to visit the system or disturb normal use of the system in the unauthorization situation. Therefore so long as all security vulnerabilities were found and patched, the system may resist most of attacks launched by the hacker. The security vulnerability scanning technology is able to examine the latent security vulnerability and enables the network administrator to understand in advance where the vulnerability is. In this way the network system will be safe.Through studying the security vulnerability scanning principle and the existing network vulnerability scanner and learning from some actual scanning experiences, a security vulnerability scanner is designed and realized. It is based on port scanning for the network security administrators.The innovation of this article is the security loophole scanning design model based on port scanning and the scanning engine which uses openning port - relational tree strategy. The scanner is based on port scanning. Before the network vulnerabilities scanning is launced, the Ping test and port scanning are carried on. It can reduce blindness. The scanning strategy is able to maximize the scanning concurrency and enhances the efficiency during the network vulnerabilities scanning.In this article the basic knowledge is introduced which is needed during the progress of designing a security vulnerability scanner. Then the design goal and principle is proposed. And following the goal and principle, the system design is given. The essential technology to realize the security vulnerability system is introdued. The scanning plug-ins is used to examine the system vulnerabilities. The scanning plug-in is a dynamic link library file. When a new security vulnerability appears, the corresponding plug-in is made to be put into the plug-in storehouse. Then the scanner can find the new vulnerability by using thenew plug-in. The scanner has an extremely good extension with the plug-in technology; The system takes full advantage of the system and network resources with the multi-thread algorithm and enhances the scanning efficiency; The scanning results are stored in the scanning history storehouse. So the scanning work can be resumed after interruption; When the scanning work ended the scanner can produce the detailed report which can help security administrators to understand the security condition and fix the security vulnerabilities.