Research And Design On Integrated Vulnerability Scanning System

With the rapid development of information security technology, vulnerability scanning systems have been widely used in various fields, but because of the wide range of vulnerability itself, there still accompanied by a large number of attacks aimed at applications on the systems. The attacks not only caused huge economic losses to companies, but also damaged the vital interests of the users seriously. The traditional vulnerability scanning systems are limited in scan range and inefficiencies, so they can not effectively decrease the security risks posed by vulnerabilities.Based on the research and analysis on the existing vulnerability scanning systems, we designed and implemented an integrated and distributed vulnerability scanning system based on B/S mode. Firstly, after the research and extensive understanding of the current situations of vulnerability scanning technologies both at home and abroad, we analyzed the frameworks and the structures of the existing open-source tools, and then combined with scanning technology based on active network and host, integrated the advantages of knowledge match and simulated attack scanning methods, the paper presents a design scheme for an integrated vulnerability scanning system. Next, we select the open source vulnerability scanning tools OpenVAS and W3AF for secondary development with integration and optimization, and implements the scan on operating systems, network devices, basic application platforms, and Web applications. And finally implements an integrated network security vulnerability scanning system, which can not only provide information security risk assessment services but also meet the scan policy needs of users to conduct a comprehensive and efficient security vulnerability scanning services.The testing results proved that the system not only can finish a comprehensive detect on both the system vulnerabilities and Web application vulnerabilities quickly, but also has a simple-to-use user interface, which can meet the safety testing vulnerability scanning requirements on hosts of the ordinary users. Currently, the integrated vulnerability scanning system works stablly and has good performances.