Vulnerability Scanner, nmap vs Nessus
Solution 1
As far as I'm aware, Nessus is no longer free. You should take a look at OpenVAS, which is a Nessus alternative (and has even better coverage), instead.
OpenVAS (Nessus alternative) and Nmap are very much different. You can use OpenVas to find vulnerabilities without knowing how to look for them as OpenVAS tries out numerous attacks collected from various sources, whereas you do need to know what you are doing, where to look for, with Nmap.
Solution 2
Nmap is faster, Nessus is more complete. The repositories of BackTrack have the lastest nessus and Nmap.
Solution 3
nmap is not a vulnerability scanner, it's network services scanner, it only detects available network services, it does not scan them for vulnerabilities. Nikto (from package nikto) is a good web server vulnerabilities scanner.
Related videos on Youtube
15 : 05
07 : 12
13 : 06
03 : 07 : 43
01 : 48
Sabacon
Engineer in the field of communications, made the big jump to Ubuntu since Hardy.
Updated on September 17, 2022Comments
-
Sabacon almost 2 years
I need a good vulnerability auditing tool for Ubuntu so I decided to try nmap I also recalled that there was a product that can do this kind of work called Nessus it is no longer available in the repository and the packages for Ubuntu at its site http://nessus.org/nessus/ are old, I suppose that the latest one may work on maverick though, does anyone have any experience using nessus? How does it compare to nmap?
-
Chris Woollard over 13 yearsAlso as already specified. NMAP is not a vulnerability scanner. It is a network scanner.
-
Sabacon over 13 yearsTechnically, you are correct it is not a vulnerability scanner by itself, just a part of your security toolset, If you use scripts with it such as Nmap NSE Vulscan here: computec.ch/mruef/?s=software&l=e some VS can be done.
-
Sabacon over 13 yearsThanks for your suggestion, yes you are correct about nmap not being a VS, it can be used in a limited way of such with scripts though.
