Network Tutorial, Fifth Edition

As the complexity of an enterprise network increases, so do its vulnerabilities. Heterogeneous operating systems, each with their own configuration quirks, run myriad devices and applications in a high-speed, highly connected environment. The upshot is a maelstrom of code, with unexpected holes, glitches, and back doors. Oftentimes, network administrators aren't aware such breaches exist until an intruder uses them to gain unauthorized access to network resources.
Scanning is one way to root out possible weak points in your network. A host of software-based scanning tools are available to probe your network for known vulnerabilities in operating systems, applications, passwords, and so on. In fact, would-be intruders use these tools to scope out a network before attacking, so scanning is also a proactive security measure that lets you find the chinks in your armor before someone else does.
Depending on the level of technical expertise available to you, you'll have to decide whether to conduct your own scans or hire a scanning service. If you conduct your own scan, you can choose among commercial, open-source, and freeware tools.
Many of the open-source and freeware tools, such as Nmap, are written by hackers. Why would a legitimate administrator use hacker tools? Good question. A good answer is because such products can be highly effective. You may also find it instructive to learn just how intruders go about casing your network. However, commercial software packages perform the same functions and have easy-to-use interfaces and reporting capabilities.
A...