Interview with Steven Dabbs, CEO & President of ScannerX
by Berislav Kucan - Monday, 3 February 2003
ScannerX has performed thousands of security scans and I would have to say we see a lot of web server based vulnerabilities for the IIS (Internet Information Server, Microsoft® Servers), SQL vulnerabilities and recently a lot of Apache web server vulnerabilities on the unix based web servers. There have also been a large number of SMTP related vulnerabilities.

What security problems will we see in 2003?

In 2003, we expect an increase in vulnerabilities due to the heightened awareness in security. As more companies begin to tighten down the reigns on their Internet-enabled devices (Firewalls, Intrusion Detection systems, Web and Mail servers), more holes and vulnerabilities will be found which will lead to an increased number of security related problems this year. 2003 will bring the same types of vulnerabilities as in previous years, just more of them.

What to expect from ScannerX in this business year?

ScannerX's future expansion of products and plans for growth include the following:

Managed Vulnerability Assessments: For customers who want to know what is going on with their network but do not want to manage the process themselves. The anticipated cost is $20 per month plus $5 per scan. ScannerX will ensure the customer's servers are scanned periodically and that the results are reviewed and compared to prior scans. Any significant developments or changes will be reported immediately to the customer.

Assessment Reviews and Consultations: Customers who want an explanation of the results of a scan can order a complete review and consultative session. The customer will receive the analysis and recommendation by email and as a bound hard copy delivered by next day express service. With this service, ScannerX will review the results of the scans, analyze the impact and give the customer a written summary of the risks and an explanation of how to patch the servers. The anticipated price point will be $150 for a single one-time analysis of up to 5 IPs.

Audits of Assessments and Penetration Testing: This service is for customers who want both an explanation and ScannerX to remotely logon onto their servers and look for other issues. The customer will receive the analysis and recommendation by email and as a bound hard copy delivered by next day express service.

Clustered Dedicated Servers: In cases where the customer has simultaneously initiated multiple C Class scan ranges with a high number of ports to be tested, the machines bog down. ScannerX has developed a method of specialized circulating so that more than one server can be used to scan the various ranges. Internally, ScannerX will use multiple machines to handle the load.

Secured Dedicated Servers: For customers who want to host their service on a system that is constantly monitored for new vulnerabilities and is continuously patched. Final pricing is not complete but is expected to be at a 25% monthly premium over comparable dedicated hosting services that do not offer such security.


VPN protocol flaw allows attackers to discover users' true IP address

The team running the Perfect Privacy VPN service has discovered a serious vulnerability that affects all VPN providers that offer port forwarding, and which can be exploited to reveal the real IP address of users.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Nov 30th