ask | dr. root

The network vulnerability scanning tool you're referring to is called "Nessus" -- after a famous centaur in Greek mythology (but let's keep that for another time :-)).

The open-source Nessus project was started by Renaud Deraison in 1998 and aimed at providing the community with a free, powerful and easy-to-use automated network-based security scanner.

Nessus basically consists of nessusd, the Nessus daemon, which will scan the networks and hosts looking for vulnerabilities, and nessus, the client that will let you configure the scanning run and then provide an interface to the results, once the scan is complete.

Nessus lets you save the results in a number of formats and these results can also be saved in a knowledge base for reference against future vulnerability scans -- which is handy.

You can download Nessus for Solaris 9 & 10 from the Nessus website at: www.nessus.org/download/
(Note: Nessus is also available for Windows, Linux and Mac OS X)
One last thing... If you're going to use Nessus, check the plugin section on the Nessus website. Every security check in Nessus is coded as a plugin. And as new vulnerabilities appear all the time, plugins are regularly added to the site, so make sure you keep up-to-date.