One of the very best network vulnerability assessment scanners available is called Nessus and is available from www.nessus.org. It can perform many thousands of checks against machines on your network to ascertain whether any are vulnerable to known exploits. The only drawback to using Nessus in a large institution is that its user interface for displaying scan results is accessible only to the scanner operator on his or her workstation; there is no access available to people elsewhere in the institution, unless their PCs are also suitably equipped.
Though Nessus can generate HTML output from a security scan for use by a web browser, that data is not conveniently searchable; there is no way to search for a specific port number, or to show only those results corresponding to a particular class of vulnerability. This renders it of little use to the casual system administrator who wishes little more than to check on the health of his/her assigned machines.
To remedy this, the author wrote some scripts in PHP that will take the raw output of Nessus and store that in a MySQL database; that data is then made available via the web in a searchable format.
This web page is a first attempt at publishing these scripts, such that other Nessus devotees can make their own scan data available within their intranets.
Please have a look at a sample of the opening screen. After entering some search criteria, the host selection screen is displayed. Finally, selecting some scan results on a specific date presents the details screen where the textual output from Nessus is displayed.
The current version, 0.7, may be downloaded here. It was released on May 02, 2007
For historic purposes, a list of earlier versions is here:
This Nessus-PHP-Interface is Copyright © 2004, 2006, 2007, 2008 - Kristofer T. Karas, and is released under the GNU GPL.