While most computer users think that the threat to computers and computer networks comes from viruses, spyware and other types of malicious software, security experts agree that the real source of danger are holes and backdoors in legitimate software already installed, which, if not patched or fixed, may grant unlimited access to hackers.
Safety-Lab's ShadowSecurityScanner is a specialized solution that is designed to perform over 2 000 vulnerability tests to detect system security holes, locate weak spots and errors, and help to fix these problems.
The first advantage of the software over competitors is that it is cross-platform and scans for security breaches in Unix, Linux, FreeBSD, OpenBSD, Net BSD, Solaris, and Windows systems, the company says. In addition, it is claimed to be the only software solution that locates holes in network equipment by Cisco Systems Inc., Hewlett-Packard Co. and other manufacturers. SSS is designed to be capable of servicing FTP, SSH, Telnet, SMTP, DNS, Finger, HTTP, POP3, IMAP, NetBIOS, NFS, NNTP, SNMP, HTTPS, SSL, TCP/IP, UDP, Registry services, Squid and LDAP. For the latter two, SSS does not stop at verifying ports, but audits proxy servers (Squid) and LDAP servers as well. And, since SSS is an open architecture ActiveX-based solution, any programmer with C++ or Delphi knowledge can integrate the product into their own solutions, the company adds.
The program comes with a built-in rules and settings editor, which aims to allow users to indicate the ports and services to be scanned. This option, combined with the multiple network scan feature (up to 10 hosts at the same time), is designed to make SSS the fastest performing network scanner available on the market. The program is also said to offer reporting options in HTML, CHM, PDF, and XML formats. More importantly, SSS does not just report problems - it actually instructs you on how to fix them and even offers patches that close security breaches, the company concludes.