ScanBox Ett verktyg för snabb och automatisk nätverksscanning

Abstract

While IT attacks are an ever growing problem, the security awareness of many companies is at an alarming level. Possible causes may be lack of knowledge, that it seems too expensive to improve the situation, or maybe that it is hard to get started. Lack of network security, however, leaves the network very vulnerable to attack. ScanBox was developed as a degree project at Cybercom in Gothenburg. It is a tool for automatic vulnerability scanning of local networks. ScanBox consists of a Raspberry Pi with Kali Linux, which is controlled via a cloud-based server and uploads its results to this server. The results produced by ScanBox are intended as a basis for initial security discussions with potential customers. Through its degree of automation, ScanBox has the ability to deliver results at a very low price, which can facilitate the initiation of a security process for the customer. ScanBox uses arp-scan to quickly map devices connected to a local area network. Next, Nmap is used for port scanning and initial vulnerability scanning. The whole process takes about half an hour. ScanBox has the potential to increase the customers’ insight into network security and to show how they can improve their security status with relatively small funds. The project has not involved the legal issues of vulnerability scanning.