Design and Implementation of Computer Network Vulnerability Assessment System

In the field of computer security, especially in the field of network security, it is very important to assess the vulnerability of computer system. Connection on the network computer system in the presence of vulnerabilities may let elsewhere on the network malicious attackers invade inside the computer system, which led to the damage of the computer system of data integrity, availability and confidentiality. The ultimate goal of network vulnerability assessment is to guide the system administrator to find a balance between "security costs" and "intrusion possibilities". The vulnerability assessment method has experienced from the manual assessment to the automatic evaluation stage, and is now being evaluated by the local assessment to the overall development, from the rule based assessment method to the model based assessment method development. However, it can be applied to the product in the process of the evaluation method based on the rules. This kind of product is commonly called the vulnerability scanning product or the security hidden trouble scanning product. The system uses the client / server structure. Server is running on the Linux platform, achieve the goal of preserving scanning plug-in, save the default configuration parameters, loading scanning plug-in on the target system of security scanning, to client sends scan status and results, recording operation log function. The direct operation of the server is carried out by means of a special Shell which is limited to the minimum function. Run the client on the windows platform and is responsible for the management, control server to perform vulnerability scanning tasks, scanning to achieve the task management, scanning strategy management, state / news shows, scanning result report generation and output, user classification and management functions.