jon baer wrote: > in the "real world" is nessus pretty much a legit testing method based on > php developers experience? for example go here: > > http://cgi.nessus.org/plugins/search.html > I think it's just a much better nmap (or nmapfe for the command-line challenged). J