We use a combo of a free scanner (Nessus) www.nessus.org and a commercial scanner (ISS Internet Scanner) www.iss.net . We use the ISS scanner day-to-day to keep our network security tight, but then use a laptop with Nessus to double check or network every few months or before a large audits ect. Nessus is Unix based, since I'm in mainly a Win32 enviroment also, we use an older laptop (think its a 400mhz, 128MB Ram, 4GB Hard drive) with RedHat OS as a platform for Nessus. ISS Internet scanner is a Windows based tool so it would work good for you, but the cost is a bit high if your on a tight budget. Another Widows based scanner that I like is Retina by www.eeye.com , its a commerical tool also not sure of the cost there, but its not cheap either.
Hope that helps, Christopher Coffey Network Security Officer AAC-VA -----Original Message----- From: Bejon Parsinia [mailto:[EMAIL PROTECTED]] Sent: Monday, February 25, 2002 5:20 PM To: Security-Basics (E-mail) Subject: The Best Network Scanner? Good day, I just wanted to pose this question to the group, what are some of the best network scanners on the market for finding vulnerabilities on your network, reporting on issues, and suggesting fixes for the known vulnerabilities that are found? When you respond, please note if this is a *nix or Win32 app (I'm in a Win32 environment). I've been working on testing a few different products and have had a tough time on picking one to go with. Also worth noting, I haven't found an application that is thorough enough for my liking yet either. The real dilemma is, I have such a tight budget (who in IT doesn't these days though) that I am forced to make a very informed decision. So, with that in mind here is your challenge. I appreciate any feedback you can give me, and am looking forward to putting my servers under even greater stress with your recommendations (assuming there is a trial demo available or you suggest a free app). :) Sincerely, Bejon Parsinia [EMAIL PROTECTED]
