METHOD AND SYSTEM FOR NETWORK VULNERABILITY ASSESSMENT

摘要

The present invention relates to a simultaneous system for finding and assessing vulnerabilities in a network, which comprises: A. A mapping unit for: (a) scanning the network, and each time a new element is found, reporting its IP address to a profiling unit; (b) sequentially receiving from the profiling unit profile records of said newly found elements; (c) sequentially extracting tables from those elements which their profile record indicates that they are of the network equipment type; and (d) sequentially reporting to a modeling and simulating unit topology records which include said found IPs, and for those elements being of a network equipment type, said topology records also include said extracted tables; B. A profiling unit for sequentially receiving IP addresses of network elements from the mapping unit, investigating each of said elements, forming a profile record for each of said elements, and sequentially transferring said profile records to both the mapping unit and to a vulnerability assessment unit; C. A vulnerability assessment unit for: (a) sequentially receiving profile records from the profiling unit; (b) determining a list of those vulnerability tests that have to be performed on each element; (c) performing for each element those vulnerability tests that are included in its corresponding list, and determining for each test a passed or failed result; and (d) sequentially reporting to an modeling and simulation unit for each performed test, the IP of the element, the identity code of the element, and the passed or failed result; and D. A modeling and simulation unit for: (a) sequentially receiving topology records from the mapping unit, and each time a topology record is received, adding or subtracting respectively the corresponding element from a model of the network which is maintained at the modeling and simulation unit; (b) sequentially receiving from the vulnerability assessment unit vulnerability test (VT) results; and (c) sequentially analyzing the model currently existing at the modeling and simulation unit for the possibility of exploiting vulnerabilities of the network.