Wednesday, August 17, 2011

Nmap vs Nessus

Nmap and Nessus are both network vulnerability scanners. The history of vulnerability scanners is very exciting. In the early days, Telnet was used to find open port status. Over time, sets of scripts were developed to make vulnerability scanning simple; one such script set was SATAN (Security Administrator Tool for Analyzing Networks). After SATAN, one of the popular commercial tools was ISS (Internet Security Systems).

As the open source movement became popular, Nmap was released in 1997 and Nessus in 1998 in the network security field; both were open source. Nessus became proprietary in 2005, although the product is still free for personal use.

As far as the use of Nmap is concerned, it is very helpful for the following:

Find the status of host (up or down)

Find the open ports on a particular host

OS and its version on hosts (Windows XP or Linux?)

Presence of firewall

List of network services running on host
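As an added example (not code from the original post), the script below reads Nmap's XML output, assuming the scan was saved with `-oX`, and pulls out the five items listed above for each host. The sample XML is constructed for illustration, and treating a `filtered` port state as a sign of a firewall is a heuristic assumed here, not a definitive test.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the layout Nmap writes with -oX (not real scan output).
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <status state="up"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
      <port protocol="tcp" portid="445"><state state="filtered"/><service name="microsoft-ds"/></port>
    </ports>
    <os><osmatch name="Linux 2.6.X" accuracy="95"/></os>
  </host>
  <host>
    <status state="down"/>
    <address addr="192.0.2.11" addrtype="ipv4"/>
  </host>
</nmaprun>"""


def summarize(xml_text):
    """Return one dict per host: status, open ports, services, OS guess, firewall hint."""
    hosts = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address")
        status = host.find("status")
        open_ports, services, filtered = [], {}, []
        for port in host.iter("port"):
            number = int(port.get("portid"))
            state = port.find("state").get("state")
            if state == "open":
                open_ports.append(number)
                svc = port.find("service")
                services[number] = svc.get("name") if svc is not None else "unknown"
            elif "filtered" in state:  # also matches "open|filtered"
                filtered.append(number)
        # Keep the OS guess Nmap rated most accurate, if it produced any.
        matches = sorted(host.iter("osmatch"),
                         key=lambda m: int(m.get("accuracy", "0")), reverse=True)
        hosts.append({
            "address": addr.get("addr") if addr is not None else None,
            "up": status is not None and status.get("state") == "up",
            "open_ports": sorted(open_ports),
            "services": services,
            "os_guess": matches[0].get("name") if matches else None,
            "firewall_suspected": bool(filtered),  # heuristic assumption
        })
    return hosts
```
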

Nessus can do almost everything that Nmap does; beyond that, Nessus can find CVEs (Common Vulnerabilities and Exposures) using its plugins. Nessus should be used if you have the following security needs:

Security audit

Vulnerability Scanning and analysis

Sensitive data discovery

Open port scanner (like Nmap)

Asset & Process profiling

One point to note is that Nmap can work more effectively if we use its Scripting Engine feature.