produke points us to a review of security vulnerability scanners. It's light on detail and not terribly well organized, but might provide a starting point for more research. From the article: "A few months back I did some intense testing of all the best vulnerability scanners out there... I had a couple nix boxes hooked up, as well as some dozers, and figured I could add clients to a 'once-a-week' scanning contract. So naturally, I wanted to use the scanner that was the best for my purpose... Better to use firewalk, hping3 (now with scripting!), nmap, etc., and leave these crutch-like tools alone."