>Nmap vs Nessus

By | February 24, 2011


Nmap and Nessus both are network vulnerability scanner The history of vulnerability scanner is very exciting. In initial days Telnet was used to find open port stat. Over time a set of scripts was developed to make vulnerability scanning simple, one of such script set was SATAN (Security Administrator Tool for Analyzing  Network). After SATAN some of popular commercial tool was ISS ( Internet Security System) .
As the Open Source movement became popular, in network security field  Nmap was released in 1997 and Nessus released in 1998 both was open source. Nessus became proprietary in 2005 although for personal use this product is still free. 

As per as use Nmap use is concern, it is very helpful in

  • Find the status of host (up or down)
  • Find the open ports on a particular hosts
  • OS and its version on hosts (windows xp or linux ?)
  • Presence of firewall
  • List of network services running on host

Nessus can do almost all which Nmap do, other than that Nessus can find CVE(Common Vulnerability Exposures) using its plug in. Nessus should be used in you have following security needs

  • Security audit
  • Vulnerability Scanning and analysis
  • Sensitive data discovery
  • Open port scanner (like Nmap)
  • Asset & Process profiling

One point to be noted that Nmap can work more effectively if we use its Scripting Engine feature 

Share itShare on FacebookEmail this to someoneTweet about this on TwitterShare on Google+Share on LinkedInPrint this page

Leave a Reply

Your email address will not be published. Required fields are marked *

Current month ye@r day *