1

I am looking for a free network vulnerability scanner that can be internally only. I found out today that Nessus is no longer free. This is what I currently have.

Thank you

3 Spice ups
2

It looks like Nessus is still free to me.

http://www.nessus.org/download/

3

Here is another thanks Google

4

Metasploit is good as well. Also check out the backtrack project, phenominal if you really want to get into testing your network.

5

I am looking into Backtrack 4 which recently moved from a Nessus base to OpenVAS. It contains the metasploit apps as well so you can scan and pen-test, but I have not had the time to learn enough to give you instructions.

Nessus is only free for personal home use. Any other usage would violate the license agreement and you are asking for trouble since you have to register to receive the updates.

6

Check out the latest release from Rapid7, they resently purchase metasploit and now have a community edition of NeXpose for free that allows you to scan up to 32 IPs. This not only does, network but web apps as well. You can find out more about it here: http://www.rapid7.com/nexposecommunitydownload.jsp . BTW Nessus is only free for personal home use, if you want to use it for business then you must pay for it, sure you might be able to get around it but the subscription gives you access to a lot more functionality.

NeXpose Community Edition provides users with:

  • Unrivaled breadth of vulnerability scanning for up to 32 IPs
  • Regular vulnerability updates
  • Accurate scan results
  • Prioritized risk assessment
  • Remediation guidance
  • Out-of-the box Metasploit integration
  • Extensive community support at http://community.rapid7.com
  • Simple deployment
  • No cost start-up security solution
1 Spice up
7

No matter which tool you use RTFM.

I “used” NMAP for a long time without learning about it and missed out on a lot of really cool stuff that you can do with it. Same thing with Nessus, you really have to read up on the tools in order to use them effectively.