- nMap (http://www.insecure.org/nmap/)
- Nessus (http://www.nessus.org)
- ISS (http://www.iss.net/)
- SAINT (http://www.saintcorporation.com/products/saint_engine.html)
- SARA, (http://www-arc.com/sara/)
You will also want to check script security using a tools such as Nikto.
While there is no guarantee that these tools will find all vulnerabilities, obviously you should fix the ones they do find.
For more info on this topic, please visit these SearchSecurity.com resources:
This was first published in March 2004