Penetration Testing mailing list archives
Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny
From: "Robert E. Lee" <robert () outpost24 com>
Date: Wed, 06 Feb 2008 22:27:20 +0100
On Mon, 2008-02-04 at 13:15 -0800, Fyodor wrote:
I wish your mails announcing your "port scanner challenge" (and the posts themselves) would disclose that you are the author of UnicornScan, which (big surprise) you declared to be the "clear winner" of your tests. I'm not accusing you of trying to hide your affiliation, it is probably just an oversight on your part.
Do you preface all of your nmap posts with "Fyi, I am the author of nmap"? :) I assumed that since a link to my blog is on the main unicornscan page, and my blog links to my unicornscan page, and my email links to my blog, that the readers can figure that connection out on their own. I did 3 rounds of testing and showed nmap to win one, portbunny to win one, and unicornscan to win one. I will do additional analysis of the results to explain why each one succeeds or fails.
I'm not saying the ComputerDefense.Org review was perfect or definitive, but at least they are independent. All scanners have benefits and drawbacks, and there may be cases where people prefer UnicornScan or PortBunny to Nmap, so I'm glad those tools are around and I hope they continue to improve.
The first comparison test was run by someone who didn't understand how to use the tools properly. A comparison test should only be run by someone familiar enough with the tools involved. I am going out of my way to document how the tools are run, and to make sure that the test results are captured. There is nothing biased in my testing. Being involved with a project does not invalidate the documented results. Robert -- Robert E. Lee Chief Security Officer Outpost24 - One Step Ahead http://www.outpost24.com SE Phone: +46 455-61-2320 US Phone: +1 801-924-5902 email: robert () outpost24 com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Robert E. Lee (Feb 04)
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Fyodor (Feb 05)
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Robert E. Lee (Feb 07)
- <Possible follow-ups>
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny krymson (Feb 05)
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Tyler Reguly (Feb 06)
- RE: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Erin Carroll (Feb 06)
- Message not available
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Andre Amorim (Feb 07)
- RE: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Dan Catalin Vasile (Feb 10)
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Tyler Reguly (Feb 06)
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Fyodor (Feb 05)