We've heard about a Linux tool for scanning Windows systems for vulnerabilities called Nessus. Is this a scanner like Nmap that produces text output about open ports, or does it provide more help?

Nessus runs under X Windows on Unix and Linux systems, and provides a graphical interface for security scanning. Nessus provides online reports with information about vulnerability and severity of the problem.

After downloading and executing the Nessus installer from www.nessus.org, you complete a few configuration steps and launch the program. Create a security certificate for Nessus by running the 'nessus-mkcert' program.

Next, define a user allowed to use Nessus by running 'nessus-adduser.' Then run 'nessus-update-plugins' to ensure you have the latest scanning routines, and start the Nessus server daemon by running 'nessusd-D.'

Now launch the Nessus client by running 'nessus.' Log on and work through the page tabs to choose the types of scans, identify the targets, configure reporting options and launch the scan.

Nessus will open a report window listing the hosts scanned. Highlighting a host name shows security-scan results for the host, and can include pointers to repairing the problem.