In passive mode, the scanner analyzes traffic that passes through the network between the systems, trying to find something unusual. The advantage of passive mode is that it has no impact on the network and its hard to detect. Users can continue working and do not suspect that are present in the network vulnerability scanner. But this type of scanning has its drawbacks. The main is that not all traffic goes through a vulnerability scanner, and any shortcomings will be available for analysis in this mode. Active scanners check the system more like a hacker, not the auditors. They apply to systems in order to receive answers from them, and analyzing it to find 'holes' in the protection system. They are more 'aggressive', but also more effective than passive scanners.
This activity can lead to undesirable consequences and adversely affect the operation of the whole network or individual components and systems. Often, such a scan can be disabled individual servers or network segments. When using these tools need to be confident in their skills or qualifications of staff performing this scan, as the only professionals in the IT field can guarantee the safety of this procedure. IT-defense is exactly the area in which you should not rely 'at random', but better to resort to using professionalov.Software or hardware? Vulnerability scanners are also divided into hardware and software. Software scanners run on servers or working stations within the network. Hardware scanners are separate devices. Software vulnerability scanners provide a wider range of options to configure and manage, while hardware scanners are easier to install and require no user intervention in the process of finding vulnerabilities.