nmap its the best of the best or so far as I have found at scanning and it tells you the services

one of my favorites for "personal" use is a medical drug dictionary i found, no real function other than a database of most known pharms.
fav "security" software programs would have to be langaurd[spelling?], packetmon, and net iq
i also like acrobat for ebooks and whatnot

i guess thats five or whatever

Netstumbler
Kismet
Airsnort
Nessus
and the ever popular netcat

BigBrother.
The only software you will ever need.

Netstumbler
Wigle
Jigle
MoZilla
photoshop 7

putty - ssh client for windows

bah now i read that i need to list 5....

putty - ssh (win)
nmap - port scan (win/linux)
ministumbler - wardriving (wince)
gaim - communication (win/linux)
ethereal - (win/linux)

Wonder what Chris does on his spare time..

I like SolarWinds (commercial tool). GREAT SNMP dumps and Cisco scans. Not terribly expensive compared to other commercial tools either.

1. Nessus: (Linux) For basic scanning and testing of my network, I love how this will test my servers, even when I have moved them to non-standard ports.

2. Snort: (Linux) Why? Well... why not? "Everything I know about TCP/IP packets, I learned from Snort". Nice little IDS with a good deal of support.

3. Kismet: (Linux) I think the options here are pretty much dictated by O/S choice...

4. Nmap: (Linux) I don't know if this is so much of a favourite as much of a habit... still, I suppose it's as good as any, as far as port scanners go. Clean interface, well supported, easy to use.

5. Tcpdump: (Linux) Handy little gadget for finding out more about what is going on over your network... great all-purpose tool, both for security and general admin'ing.

Long time since I posted..
Its simple, and free.

tcpdump - looking for rogue traffic, logging traffic for analysis or evidence, or generating a baseline for statistics.

ethereal - replaying tcp sessions, also see above.

ngrep - looking for a specific string coming through a transparent bridge? use ngrep. GREAT for looking for automated worms, since you can identify a string. Also used for looking for stacheldracht and other sorts of traffic.

telnet/netcat - connect to any port on any machine, and send data. I combine the two, because he only wanted 5. :) a netcat listener on a remote computer also makes a good place to log forensic data to if you don't want to alter the data on a running machine.

iptables - with a patch, does packet level string matching. awesome for transparent bridges and routers where you want to block packets that contain strings such as "X-KaZaa", or "GNUTELLA CONNECT"...

I'll also mention the dsniff suite, but thats not related to securing your network..

--Medic

fpipe

Anybody here ever use "fpipe" from Foundstone?

GREAT tool! Let's you pipe information from a compromised box into the internal network and back again. So if there is NAT or something else in the way of you taking the internal side, it helps there.

These don't fit as most used, but most impressing to me per explanations

Rafale X (win32,tcpip,free) - A nice lazy way for building, scripting, and sending out packets in Windows for penatration testing, testing stuff under dev, or just having fun on a network.

Log Monitor (win32,monitor,free) - Almost like a tripwire for Windows, allows you to track file changes, deletions, basically anything in that area, and perform some type of event based on it, whether sending an admin message, running a program, or script.

Superscan (win32,scanner,free) - Port scanner, name lookup, warpinger... I love nmap to death, but for some reason in win32 I stick with this program as a quick graphical way of getting it done.

Ethereal (win32/linux,sniffer,opensource) - I just can't find one better for Windows in my opinion. I've tried sniffer pro and didn't care for it. Of course there are more options for nix, but this just gets the job done when in a Windows only environment.

Tiny Personal Firewall (win32,firewall,free) - This is simply the cleanest, lightweight, unintrusive firewall that I've been able to find for Windows without getting into commercial software. The fact that it will let you configure accept/deny rules by port/ip/etc is more than I have seen in a lot of other win32 software firewalls.

nmap is nice, but by no means should it be considered the best. products such as gfi's languard scanner is by far a better and more useful product, but alas, it is no longer free (shouldn't be a problem for any capable people reading this.). But, the biggest downside is that it's m$ only.

with that software alone, i made many new friends at X, poor bastards thought nmap was the king of scanners. nmap gives no information in comparision to languard.

-t

I think you mentioned the key words... "not free" and "M$ only". Like I said, I think a lot of people use nmap more of out habit than anything. For me, it gives me what I need the most, it's free, and it's well supported on the platform of my choice.