When a hacker (or an automated hacking
tool, such as the "Code Red" worm) attempts to break into a network, they do so
by identifying a remote machine and exploiting a flaw in the operating system,
application or system configuration. SecuritySeer's SeerScan network security scanning
service acts as the ultimate hacker, tirelessly and relentlessly checking for
every known security flaw on your Internet-accessible
machines.
SeerScan provides reports tailored
to each role in your enterprise:
- Executive summaries that offer a graphical synopsis of security status
and trending at a glance.
- IT manager's reports that provide a high-level technical overview and
facilitate informed decision making to allocate resources to ensure the
protection of critical information assets.
- Network administrator's reports that contain detailed descriptions
of vulnerabilities, step-by-step instructions on repairing them and extensive
technical references to the appropriate security bulletins and articles.
All reports will be in PDF format for email distribution.
The SeerScan vulnerability database is
extensive. Tests are run to discover over 1,500 problems in these categories:
- Backdoors, remote control and Trojan horse programs
- Brute Force Attacks
- CGI-Bin
- Denial of Service
- DNS and Bind
- Finger
- Firewall
- File Transfer Protocol (FTP)
- Information Services (NIS, LDAP, WHOIS)
- Mail Services
- Microsoft Front Page
- Microsoft IIS
- News Services
- Remote file access
- RPC
- SMB/NetBIOS Windows sharing
- SMTP
- SNMP
- TCP/IP
- UNIX
- Web Servers
- Windows
- X-Windows
A properly configured and maintained firewall is an essential
part of a good network security program, but it is only the first step. A
firewall cannot prevent many attacks that exploit flaws or misconfigurations in
publicly accessible servers. Most of the 250,000 web servers that were infected
with the "Code Red" worm were behind firewalls.
There's no hardware or software to buy. We scan and analyze your network security remotely.
No special expertise is required
to use the SeerScan service. Unlike most vulnerability scanning software
utilities, SeerScan requires no training classes or network security
background to use.
SeerScan uses a three-phase approach:
- Discovery. SeerScan first identifies
all machines in your network that are visible from the Internet, such as web,
mail or file servers, firewalls, routers, switches and desktop PCs. It then
discovers the services that each machine offers, the type of operating system
and the versions of each publicly accessible application.
- Exploitation/Analysis. Each service and
application discovered in phase one is cross-referenced to an extensive database
to generate a list of potential vulnerabilities. For example, if a machine is
running Windows and offering web service, a list of Microsoft IIS vulnerability
checks is enabled.
There are a total of over 1,500 vulnerability checks in
the SeerScan database, and the number grows continually as new security holes
are discovered. Our security experts monitor vendor security bulletins, security
organization announcements and "black hat" hacking sites to keep the
vulnerability database as current as possible, and your network as secure as it
can be.
- Reporting.
Detailed and easy-to-read reports are available in PDF format for email distribution.
When you submit a request form, one of our security experts will ask you to provide us
with the Internet addresses of the machines to test, along with other information such as
your email address and your company's domain name. Our security experts then set up your
Internet addresses in our security system and run a scan, or schedule one to run at a regular
interval of your choice (monthly, quarterly or one-time). Scan reports, which contain separate
sections for executives, IT managers and technicians, are available in PDF format. Reports
will be emailed to you or to your designated authority.
SeerScan is a "good network citizen", running security tests
in a way that minimizes the effect on your network. Also, SeerScan never runs
destructive or Denial-of-Service tests that might cause servers to hang, reboot
or lose data.
Every competent
Sys Admin tests a server before reporting that it is available. SeerScan is an
invaluable tool for a Sys Admin because it allows him or her to test security measures
from a hacker's point of view - before a hacker does.
SeerScan will identify a security hole in your network so
that it can be patched, but does not exploit it to gain access to your network.
Under no circumstances is any data on tested machines examined or retrieved.
Your security is only as good as
your last scan. Every network change you make can open a new
security hole. Even if no changes are made, new vulnerabilities are discovered
by the hacker community on a daily basis. It's an arms race between you and the
hackers. SeerScan makes sure you're always equipped with the latest
vulnerability information. Regular security scans ensure maximum network
availability.