Penetration Testing mailing list archives
RE: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny
From: Dan Catalin Vasile <hardware_cta () yahoo com>
Date: Sat, 9 Feb 2008 07:56:48 -0800 (PST)
I will conduct my own tests trying to follow as many variables as possible. While speed is an important factor I don't think it's the only important aspect in a portscanner. Would you prefer a fast port scanner with a high rate of undetected ports? I will publish the results in a couple of weeks. But hey, I translated the Nmap documentation in romanian. Would my results be impartial? What if nmap proves to be the best after all? Will I be blamed? Seriously now, the test is all about the methodology. I will present the results and a personal note over them. You will do the conclusions and maybe have a solid ground when choosing the best portscanner for a particular job. 'till then, happy, fast and good port scanning. Dan Vasile --- Erin Carroll <amoeba () amoebazone com> wrote:
I would love to see another independent review of these tools. If someone takes up the challenge to do some nice comparison testing there is some things I'd like to see. A major issue I see is that a lot of these reviews either don't address or put much emphasis on is reliability of results. Speed is critical issue and knowing which tool to select for your particular needs is great... but if comparison testing could also incorporate a matrix which aligned reported results with actual ports/systems in the testbed for accuracy that would rock. my 2 pesos -- Erin Carroll Moderator SecurityFocus pen-test list "Do Not Taunt Happy-Fun Ball"-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf OfTyler RegulySent: Tuesday, February 05, 2008 10:42 PM To: krymson () gmail com Cc: pen-test () securityfocus com Subject: Re: Port Scanner Challenge Revisited:Nmap,Unicornscan, Portbunny I have put the comment out at one point that Iwould be morethan happy to perform additional tests be theyagainstindividual hosts or a large network... I willhappilycomply... One of the problems is that unicorn scanneeds tobe "tuned" against each specific network as Robertmentionedto me in a previous email... and to me thatbecomes a hitagainst right off the bat... if I have to scan andtune andscan and tune... that defeats the purpose. If theauthorswant a large sampling... and want to seeindependentresults... I'm more than willing to do it, butdon't tell meI need to continually tune your product... Thingof the addedtime to pen tests and audits. Scan once andpotentially waita few seconds longer (although in most cases youdidn't haveto wait as long) or scan numerous times, tuningeach time sothat ultimately you have one scan that wasfaster... butyou've done numerous scans. Either way... Authors... give me your idea scanline for alarge target base and I'll test them and postspeed andaccuracy results. On 4 Feb 2008 21:29:50 -0000, krymson () gmail com <krymson () gmail com> wrote:At some point I'm hoping someone does a morein-the-fieldtest. I know Portbunny and maybe Unicornscan aremore suitedto larger scans, realizing their gains over time.Rather thanagainst one system or a couple home systems, I'dlove to seeresults over a larger target range.
----------------------------------------------------------------------
-- This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solutionFREE today!http://www.cenzic.com/downloads
----------------------------------------------------------------------
--
--------------------------------------------------------------
---------- This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solutionFREE today!http://www.cenzic.com/downloads
--------------------------------------------------------------
----------
------------------------------------------------------------------------
This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads
------------------------------------------------------------------------
____________________________________________________________________________________ Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Robert E. Lee (Feb 04)
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Fyodor (Feb 05)
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Robert E. Lee (Feb 07)
- <Possible follow-ups>
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny krymson (Feb 05)
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Tyler Reguly (Feb 06)
- RE: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Erin Carroll (Feb 06)
- Message not available
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Andre Amorim (Feb 07)
- RE: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Dan Catalin Vasile (Feb 10)
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Tyler Reguly (Feb 06)
- Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny Fyodor (Feb 05)