Security Vulnerability Scanner
INTRODUCTION
In today’s business world, vital company information is accessed, stored, and transferred electronically. The security of this information and the systems storing this information are critical to the reputation and prosperity of companies. Therefore, vulnerability assessments of computer systems are routinely employed by businesses to obtain a complete evaluation of the security risks of the systems under investigation. However, the methods for performing vulnerability assessments are varied and cost prohibitive.

Society has come to rely more heavily on computer applications and networks, and the risk of significant damage resulting from a correctable vulnerability is significant. Although this situation is being mitigated by security education and increased adoption of both preventive and reactive security systems, such as vulnerability scanners and intrusion detection systems, the situation is still very serious. The vulnerabilities existing on a machine and within a network must be determined quickly and accounted for by repair or at the very least auditing and contingency planning. In protecting networks and individual hosts against malicious intents, vulnerability scanners are becoming critical tools for network administrators. Once an administrator becomes aware of a vulnerability, it is important to determine quickly and securely if the conditions are present in the network and on specific hosts that would allow the vulnerability to be exploited. In a large heterogeneous network environment, this is difficult.
Network-based Versus Host-based Vulnerability Assessments:-
Network-based VAs are accomplished through the use of network scanners. Network scanners are able to detect open ports, identify services running on these ports, simulate attacks, and reveal possible vulnerabilities associated with these services. On the other hand, host-based VAs are carried out through host-based scanners. Hostbased scanners are able to recognize system-level vulnerabilities including incorrect file permissions, registry permissions, and software configuration errors. Furthermore, they ensure that target systems are compliant with the predefined company security policies. Unlike network-based scanners, an administrator account or an agent is required to be on the target system to allow for the system-level access required.
Network-based Vulnerability Assessment Tools
Several network-based VA scanners are available on the market today, including SAINT Corporation’s SAINT™4, Internet Security Systems' (ISS) Internet Scanner® 7.0, and Nessus Security Scanner (Nessus – latest version 2.0.6a). All three VA scanners are recognized by IT professionals for their scanning speed, configurability, and robustness. Both SAINT™4 and Internet Scanner® 7.0 come with a very high price tag. However, Nessus is an open source VA tool and hence is free. Most IT professionals are skeptical about open source products because they do not provide the same capabilities available in commercial tools. This may be true for some, but this does not apply to Nessus due to the fact that it is as powerful as some of the best commercial VA scanners5. In addition, it was the winner of the 2002 Information Security Magazine Excellence award (March 2002), winner of the Network Computing's 7th Annual Well- Connected Award in the Vulnerability Assessment Tool category (May 2001), and was selected as one of the "Top 50 Security Tools" by nmap's users (June 2000)6.

Furthermore, products such as Vigilante’s SecureScan trust the quality and capabilities of Nessus; they combine it with their in-house developed tools and other commercial tools to provide businesses with VA services7. For these reasons, the Nessus software package is featured here.
Objective and goals
Objective:-
To provide a common set of methodologies and requirements to standardize vulnerability scans on campus servers and networking infrastructure, scan the vulnerability points of the website and to provide the security to the documents.
Goals to achieve:-
 Developing a tool that scan the “SQL INJECTION” vulnerability.
 Developing a tool that scan the “CROSS SITE SCRIPTING” vulnerability.
 Developing a tool which scan the “Network-based” vulnerability.
 Providing the security to encrypt the documents by implementing “ENCRYPTION” technique.
 Providing the security to decrypt the documents by implementing “DECRYPTION” technique.
Digitally sign the document.
ABSTRACT
Our project concern about the scanning of website and network. Detecting security vulnerabilities in large heterogeneous networks is generally accomplished using either host-based or network-based security auditing tools. A host-based security auditing tool runs on the host being assessed and has the advantage of seeing the vulnerabilities of a machine from the inside. A network-based tool audits hosts on network by sending crafted packets; it sees the machines as a remote attacker would see them. Host-based vulnerability assessment tests can be distributed to network hosts, and vulnerability reports are collected centrally by a security analyst. This work addresses the confidentiality and integrity of the vulnerability reports. There is a perceived weakness in how these reports are requested, stored, and communicated to the security analyst’s workstation. A prototype solution has been developed and implemented to mitigate this weakness.

The results show that a successful method employs the strengths of two software packages, Nessus (Nessus Security Scanner) and SecurityExpressions, running from a mobile laptop computer.