If you have more than 1 device connected to your internet router, you have yourself a network.  And if you're anything like me, your network probably contains quite a few devices when you start to think about it.  In my case, for example, there are smartphones using wifi, my TV recorder, the router itself, a couple of PCs, a handful of IP security cameras, and more.  Any or all of which could, in theory, have one or more security weaknesses that a hacker could exploit.

Companies often use security vulnerability scanning software to look for problems in the devices on their network.  Using such programs is cheaper than hiring a so-called ethical hacker, or penetration tester, but they still run into thousands of dollars.  Thankfully, though, many of the major players offer free versions of their software for home or non-commercial use.

One such product is called Nexpose, from Rapid7.  The company also produces another product, called Metasploit, which attempts to hack into systems, using the weaknesses which Nexpose has, well, exposed.  Metasploit is a complex beast which is not easy to use, and which can get you into all sorts of trouble if you misuse it, but Nexpose is a very useful tool indeed.  And the community edition, available for free, scans up to 32 IP addresses, which should suffice for most home networks.

If you fancy trying it, start by heading to to request the download link and a licence key.  You'll need a PC with 8 GB of RAM running a 64-bit version of Windows.  The download is around 360 MB, which is too large for VirusTotal to check but which scanned clear using my regular malware checkers.

Once installed, it'll take a while to update all of its databases, so don't try using it for an hour or so.  Once it's ready, start by creating a new site.  In the example below, I created one called Cameras.  Then enter the IP addresses or device names of the items within that site that you want to scan (I entered the 4 addresses of my IP cameras).  Then press the Scan button.  You can then close the software, as the scan takes place in the background, running as a service on your PC.  Check back in a few minutes to view the results of the scan, and to see the advice that it offers on how to fix any problems it discovers.

Nexpose is a useful tool for checking the security of your LAN, or that of a friend or colleague.  But don't be tempted to point it at networks which you don't have permission to check, as you could be breaking the law.




On principle I avoid programs that require personal information in exchange for a license key. I don't think those program or those that require acceptance of added bundled applications or toolbars are freeware in the strictest sense. Nexpose may be a useful security tool as stated but I would rather go with Belarc Advisor which doesn't request the personal info.