17.3. Security Auditing on the Mac
Several products on the market allow for vulnerability scanning and security auditing on the Mac. Some of them are freeware, and some of them are not. SAINT, Nessus, and Metasploit are our favorites for this critical piece of the security puzzle. Only Nessus and Metasploit are free products.
17.3.1. Nessus
Nessus is a comprehensive vulnerability scanner and analyzer, which is estimated to be used by more than 75,000 organizations. The core of Nessus is nessusd, the Nessus daemon, which performs the actual scanning. nessusd provides a web-based management interface.
Nessus begins by performing a port scan with its own internal port scanner (or it can optionally use nmap) to determine which ports are open on ...
