What are the best, top 5 vulnerability/port scanners? Please mark it with a space and dash with the operating system it needs and if theirs another OS version to use it on.

For E.g. eEye Retina - Windows

top five ? lol
nmap
languard
retina
cheops-ng (based in nmap)
nessus.............

Superscan 3.0 for TCP Scanning (I love It.)

Superscan 4.0 for UDP Scanning

X-Scan v2.3 (nmap + nessus for windows)

Webdavscan.exe for Mass Port 80 Banner scannin'


All for Windows...yeah, Hate Me ^^

Ah yeah...NTscan for IPC$ Passwords

nmap - linux or win32
nessus - linux or win32
sara - linux or colinux
languard/retina - win32 I guess, grudgingly I recommend these as pretty much interchangeable
foundstone tools - win32 tools

shadow security scanner is worth a mention, its just like Retina but a lot faster

nmap
scanline
nessus

nmap and sl of foundstone...

X-Scan
HSCAN

nmap
nessus
dfind

Why is everyone in love with nmap? I heard about it.. but is it better than dfind? I allways usedfind cause its fast.

What difference is between dfind and nmap?

by far the most wicked scanner i have ever used FOUNDSCAN.

its a application (meaning they send it to you preinstalledon a server so they can charge you more money) we had one on loan from mcafee but decided not to buy because of budget issues. I was amazed at how accurate it was. it made really nice reports and i never found one false positive.

nessus - linux backend, win frontend
nmap - linux
superscan 3 - win
nikto - perl

Nessus is the best vuln assessment tool (period)
Nmap is the most feature rich port scanner
pakketo's scanrand is the fastest port scanner
GhostPortScanner (GPS) is an awesome scanner to keep from triggering firewalls (depending on the scan setting it could eather trigger or bypass IDS's)

xscan and superscan (scanline) is such crap, seriously you need to get better tools.

Yeah, Foundstone is really hot as it has some extra cool modules that do specific web scanning similar to whisker (but better) and specific internal host scans if you give it a admin account to use to look at the internals. Plus the muckety-mucks really like the foundstone score. A simple number they can point to and say: look its going up! Or it went down what are you doing about it?

In the commercial space Qualys is also supposed to be pretty cool on these fronts but I haven't had a chance to play with it yet.

--P>G>>

Best Security Scanner:

Shadow Security Scanner

Worst:

GFI Languard...I hate it.


I haven't tried Max Partol's.....

My Preference:

Enumeration
Nmap
Superscan
Wassup gold ; )

Asessments:
Nessus-
Shadow
Retina
ISS
GFi
Nikto - Cgi
Xscan

scan100/500/1000 (the best portscanner for me)
dsns
nmap
superscan 3
x-scan (good but a bit slow..)

my favorites:

scan 500 for portscans
dfind for banners etc.
x-scan
nmap

for banners :

found stone's sl.exe

for single target nmap

for range dfind/sfind

sl
nmap
languard

nmap
hping3
isic
p0f2
sing

One that noone is mentioning that I like a LOT is..

Harris Stat Analyzer
Harris Stat Scanner

Analyzer lets you run ISS, STAT Scanner and Nessus scans under the hood, and then correlates the data into one report. REALLY nice stuff.

Hi,
As you can read in "Network Intrusion Detection, Third Edition" nmap, have features who make harder to the network analyst the recognition of a scan over his network, other scanners as you can see with Etheral o Tcpdump leave more and biggers fingerprints than Bigfoot (also known as Yeti).

it all depends on the situation, target,...

Ok then grace us with your knowledge and provide some examples.

there are many good stuff what do you wana do ?

firewalk............................. Detecting Firewall Rulles (*nix)
cheops-ng.......................... Shows topology on network (*nix)
autoscan........................... integrate some other tools (*nix)
amap or nmap................... Port Scanner + Service detectors (*nix & win32)
nessus/NewT......................Vulnerability scanner (*nix/win32)
hydra ............................... Password finder by Brute forcer (perl)
nikto/wnikto....................... cgi scanner (*nix/win32)(perl)
whisker.............................. cgi scanner with IDS feature (perl)
Retina.................................Vulnerability scanner (win32)
X-scan3..............................Vulnerability scanner GUI & CLI (win32) uses {nasl}
ShadowSecurityScanner.......web vuln scanner(win32)
MicrosoftBaseLine ............... IIS vuln scanner(win32)
SupperScan....................... fast port scanner (win32)
Dfind................................. CLI vuln scanner (win32)
Sfind.................................. CLI vuln scanner (win32)(win32)
scan1000............................ fast CLI vuln scanner(win32)
ScanLine............................ CLI vuln scanner (win32)

& so on ...

nmap
nessus
nikto
retina
languard

nmap
languard
retina
X-Scan v2.3
Shadow Security Scanner

That are few scanner that i like

and for ipc/sql , a well known : FX Scanner