The word scanning relevant to information technology and computer security describes a test of a computer to find running services and/or vulnerabilities on a computer. There are two main types of security scanning which are:
- Port scanning is done to determine what services are available or running on a computer system
- Vulnerability scanning - A vulnerability scan goes further than port scanning in that it tests for vulnerabilities or weaknesses associated with each service. The vulnerabilities may be exploitable by an attacker and the vulnerabilities may be due to a code error in the associated process or a configuration error.
Port scanning or vulnerability scanning may be performed by network administrators or by attackers. When not performed by a person with authority to do the scan, it is considered to be an attack and the offender may be prosecuted. Anyone performing a scan should be sure to have permission.