Nessus

Nessus is a powerful and free remote vulnerability scanner. It offers a wealth of configuration and scanning options, though some users might find them overwhelming. One may need to devote a significant amount of time to learning the intricacies of the application to use it most effectively. Based on a client/server architecture, Nessus lets users run the administrative console, which executes vulnerability scans and holds databases on a machine other than the server. Client front ends are available for Java, Win32, and X11, making Nessus a true cross-platform tool that can scan Linux, Windows, and Unix hosts. Nessus provides an astonishing quantity of customized tests called plug-ins. These include interesting scans that look for vulnerabilities in routers from Cisco and other companies, CGI scripts, buffer overruns, remote-access connections, back doors, RPC, and SNMP.

Platform: Windows / *NIX / Linux

 

MBSA

Microsoft Baseline Security Analyzer (MBSA) is a Windows-only scanner that searches for vulnerable configurations that need patching or updating. It is designed for finding security weaknesses in all of Microsoft's products. Considering how vulnerable an unsecured Windows machine can be, MBSA is valuable to Windows IT administrators who can't afford the third-party vulnerability scanners reviewed elsewhere in our roundup.

Platform: Windows

 

ISS

ISS's Internet Scanner™ is the network security industry's preferred solution for network vulnerability analysis and decision support. Internet Scanner performs scheduled and selective probes of your network's communication services, operating systems, key applications, and routers in search of those vulnerabilities most often used by unscrupulous threats to probe, investigate, and attack your network. Internet Scanner then analyzes your vulnerability conditions and provides a series of corrective-action, trend-analysis, conditional, and configuration reports and data sets.

Platform: Windows

 

N-Stealth

N-Stealth® is a vulnerability-assessment product that scans web servers to identify security problems and weaknesses that might allow an attacker to gain privileged access. The software comes with an extensive database of over 30,000 vulnerabilities and exploits. N-Stealth® is more actively maintained than the network security scanners and consequently has a larger database of vulnerabilities. It can audit both local and remote web servers. Simply plug in your IP address and let it run - within minutes, you'll have a full report outlining all the potential security holes on the server.

Platform: Windows

 

Retina

Retina Network Security Scanner is an advanced vulnerability scanner. It can scan every machine on your network - including a variety of operating system platforms (e.g. Windows, Unix, Linux), networked devices (e.g. firewalls, routers), databases and third-party or custom applications - in record time. After scanning, Retina delivers a comprehensive report that details all vulnerabilities and appropriate corrective actions and fixes.

Platform: Windows

 

LANguard

GFI LANguard Network Security Scanner (N.S.S.) checks your network for possible security vulnerabilities by scanning your entire network for missing security patches, service packs, open shares, open ports, unused user accounts and more. With this information (displayed in customizable reports), you can easily lock down your network against hackers. It can also remotely deploy missing patches and service packs in applications and OS.

Platform: Windows

 

Shadow Security Scanner

SSS (Shadow Security Scanner) scans servers built on practically any platform, successfully revealing breaches in Unix, Linux, FreeBSD, OpenBSD, NetBSD, Solaris and, of course, Windows. It also detects faults with Cisco, HP, and other network equipment.

Platform: Windows

 

NeXpose

NeXpose performs state-of-the-art network vulnerability assessment like any other advanced vulnerability scanner. It offers a unique set of features that together provide the best available protection against network penetration attempts.

Platform: Windows / *NIX / Linux

 

SAINT

SAINT (Security Administrator's Integrated Network Tool) is a security assessment tool based on SATAN. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature-rich HTML interface.

Platform: Windows / *NIX / Linux / Solaris 2.x / Mac OS X

 

SARA

The Security Auditor's Research Assistant (SARA) is a third-generation security analysis tool that is based on the SATAN model which is covered by the GNU GPL-like open license. It fosters a collaborative environment and is updated periodically to address the latest threats.

Platform: Windows / *NIX / Linux / Solaris 2.x / Mac OS X