TL;DR
Here’s a guide to some of the best free network vulnerability scanners you can use to check your home or small business network for weaknesses. We’ll cover Nmap, OpenVAS, and Nessus Essentials.
1. Understanding Network Scanning
Network scanning is like checking your house for open windows and unlocked doors. Vulnerability scanners go a step further – they try to see if someone could actually get in through those openings. It’s important to scan regularly, but also be aware that aggressive scanning can sometimes disrupt network services or trigger intrusion detection systems.
2. Nmap (Network Mapper)
Nmap is a powerful and versatile scanner. It’s command-line based, so it looks a bit more technical, but it’s very effective for discovering devices on your network and identifying open ports and services.
- Installation: On Linux (Debian/Ubuntu), use
sudo apt install nmap. On macOS, you can use Homebrew:
brew install nmap. Windows users can download from the Nmap website.
- Basic Scan: To scan a single IP address (e.g., 192.168.1.1), use
nmap 192.168.1.1. This will show you open ports and potentially the services running on them.
- Scan a Range: To scan an entire subnet (e.g., 192.168.1.0/24), use
nmap 192.168.1.0/24.
- OS Detection: Use the -O option to try and determine the operating system of the target devices (requires root/administrator privileges):
sudo nmap -O 192.168.1.1
Nmap is great for quick reconnaissance, but it doesn’t provide detailed vulnerability reports.
3. OpenVAS (Open Vulnerability Assessment System)
OpenVAS is a comprehensive vulnerability scanner that provides more in-depth analysis than Nmap. It’s often considered an alternative to commercial scanners like Nessus.
- Installation: Installation can be complex, especially on Windows. Consider using a virtual machine (like VirtualBox) with a Linux distribution specifically designed for cyber security testing (e.g., Kali Linux).
- Greenbone Security Assistant (GSA): OpenVAS is managed through the Greenbone Security Assistant web interface. Access it via your browser after installation (usually on port 9392, e.g., https://localhost:9392).
- Configuration: You’ll need to update the vulnerability tests regularly to ensure you have the latest definitions. This is done through the GSA interface.
- Scanning: Create a new target (your network or specific IP addresses), configure scan settings, and start the scan. OpenVAS will generate detailed reports with identified vulnerabilities and recommendations for remediation.
OpenVAS requires more setup than Nmap but offers much richer vulnerability information.
4. Nessus Essentials
Nessus Essentials is a free version of the popular commercial Nessus scanner. It allows you to scan up to 16 IP addresses, making it suitable for small home networks or limited testing.
- Download: Download from the Tenable website. You’ll need to create a free account.
- Installation: The installation process is straightforward for Windows, macOS, and Linux.
- Scanning: Nessus has a graphical user interface (GUI) that makes it easy to configure scans. Select a scan template (e.g., Basic Network Scan), enter the target IP addresses, and start the scan.
- Reports: Nessus generates detailed reports with vulnerability information, severity levels, and remediation advice.
Nessus Essentials is user-friendly and provides good quality vulnerability data, but the 16-IP limit can be restrictive.
5. Important Considerations
- Permissions: Ensure you have permission to scan any network before doing so. Scanning networks without authorization is illegal.
- False Positives: Scanners aren’t perfect and may report false positives (vulnerabilities that don’t actually exist). Always verify the results manually.
- Remediation: Don’t just scan – act on the findings! Update software, patch systems, and configure firewalls to address identified vulnerabilities.