RE: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny

[Dan Catalin Vasile <hardware_cta () yahoo com>]

I will conduct my own tests trying to follow as many
variables as possible. 
While speed is an important factor I don't think it's
the only important aspect in a portscanner. Would you
prefer a fast port scanner with a high rate of
undetected ports?

I will publish the results in a couple of weeks. But
hey, I translated the Nmap documentation in romanian.
Would my results be impartial? What if nmap proves to
be the best after all? Will I be blamed? Seriously
now, the test is all about the methodology. I will
present the results and a personal note over them. You
will do the conclusions and maybe have a solid ground
when choosing the best portscanner for a particular
job.

'till then, happy, fast and good port scanning.

Dan Vasile


--- Erin Carroll <amoeba () amoebazone com> wrote:

> I would love to see another independent review of
> these tools. If someone
> takes up the challenge to do some nice comparison
> testing there is some
> things I'd like to see.
>
> A major issue I see is that a lot of these reviews
> either don't address or
> put much emphasis on is reliability of results.
> Speed is critical issue and
> knowing which tool to select for your particular
> needs is great... but if
> comparison testing could also incorporate a matrix
> which aligned reported
> results with actual ports/systems in the testbed for
> accuracy that would
> rock.
>
> my 2 pesos
>
> --
> Erin Carroll
> Moderator
> SecurityFocus pen-test list
> "Do Not Taunt Happy-Fun Ball" 
>
> > -----Original Message-----
> > From: listbounce () securityfocus com 
> > [mailto:listbounce () securityfocus com] On Behalf Of
> Tyler Reguly
> > Sent: Tuesday, February 05, 2008 10:42 PM
> > To: krymson () gmail com
> > Cc: pen-test () securityfocus com
> > Subject: Re: Port Scanner Challenge Revisited:
> Nmap, 
> > Unicornscan, Portbunny
> >
> > I have put the comment out at one point that I
> would be more 
> > than happy to perform additional tests be they
> against 
> > individual hosts or a large network... I will
> happily 
> > comply... One of the problems is that unicorn scan
> needs to 
> > be "tuned" against each specific network as Robert
> mentioned 
> > to me in a previous email... and to me that
> becomes a hit 
> > against right off the bat... if I have to scan and
> tune and 
> > scan and tune... that defeats the purpose. If the
> authors 
> > want a large sampling... and want to see
> independent 
> > results... I'm more than willing to do it, but
> don't tell me 
> > I need to continually tune your product... Thing
> of the added 
> > time to pen tests and audits. Scan once and
> potentially wait 
> > a few seconds longer (although in most cases you
> didn't have 
> > to wait as long) or scan numerous times, tuning
> each time so 
> > that ultimately you have one scan that was
> faster... but 
> > you've done numerous scans.
> >
> > Either way... Authors... give me your idea scan
> line for a 
> > large target base and I'll test them and post
> speed and 
> > accuracy results.
> >
> > On 4 Feb 2008 21:29:50 -0000, krymson () gmail com 
> > <krymson () gmail com> wrote:
> > > At some point I'm hoping someone does a more
> in-the-field 
> > test. I know Portbunny and maybe Unicornscan are
> more suited 
> > to larger scans, realizing their gains over time.
> Rather than 
> > against one system or a couple home systems, I'd
> love to see 
> > results over a larger target range.
> > >
----------------------------------------------------------------------
> > > --
> > > This list is sponsored by: Cenzic
> > >
> > > Need to secure your web apps NOW?
> > > Cenzic finds more, "real" vulnerabilities fast.
> > > Click to try it, buy it or download a solution
> FREE today!
> > > http://www.cenzic.com/downloads
----------------------------------------------------------------------
> > > --
--------------------------------------------------------------
> > ----------
> > This list is sponsored by: Cenzic
> >
> > Need to secure your web apps NOW?
> > Cenzic finds more, "real" vulnerabilities fast.
> > Click to try it, buy it or download a solution
> FREE today!
> > http://www.cenzic.com/downloads
--------------------------------------------------------------
> > ----------
------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE
> today!
>
> http://www.cenzic.com/downloads
------------------------------------------------------------------------
>



      ____________________________________________________________________________________
Looking for last minute shopping deals?  
Find them fast with Yahoo! Search.  http://tools.search.yahoo.com/newsearch/category.php?category=shopping

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------