Vulnerability Scanner, nmap vs Nessus

I need a good vulnerability auditing tool for Ubuntu, so I decided to try nmap. I also recalled that there was a product that can do this kind of work called Nessus. It is no longer available in the repository, and the packages for Ubuntu at its site http://nessus.org/nessus/ are old; I suppose that the latest one may work on maverick, though. Does anyone have any experience using Nessus? How does it compare to nmap?


As far as I'm aware, Nessus is no longer free. You should take a look at OpenVAS, which is a Nessus alternative (and has even better coverage), instead.

OpenVAS (Nessus alternative) and Nmap are very much different. You can use OpenVAS to find vulnerabilities without knowing how to look for them, as OpenVAS tries out numerous attacks collected from various sources, whereas with Nmap you do need to know what you are doing and where to look.


Nmap is faster, Nessus is more complete. The repositories of BackTrack have the latest Nessus and Nmap.


nmap is not a vulnerability scanner; it's a network services scanner. It only detects available network services; it does not scan them for vulnerabilities. Nikto (from package nikto) is a good web server vulnerability scanner.