OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
RE: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny

From: Dan Catalin Vasile (hardware_ctayahoo.com)
Date: Sat Feb 09 2008 - 09:56:48 CST


I will conduct my own tests trying to follow as many
variables as possible.
While speed is an important factor I don't think it's
the only important aspect in a portscanner. Would you
prefer a fast port scanner with a high rate of
undetected ports?

I will publish the results in a couple of weeks. But
hey, I translated the Nmap documentation in romanian.
Would my results be impartial? What if nmap proves to
be the best after all? Will I be blamed? Seriously
now, the test is all about the methodology. I will
present the results and a personal note over them. You
will do the conclusions and maybe have a solid ground
when choosing the best portscanner for a particular
job.

'till then, happy, fast and good port scanning.

Dan Vasile

--- Erin Carroll <amoebaamoebazone.com> wrote:

> I would love to see another independent review of
> these tools. If someone
> takes up the challenge to do some nice comparison
> testing there is some
> things I'd like to see.
>
> A major issue I see is that a lot of these reviews
> either don't address or
> put much emphasis on is reliability of results.
> Speed is critical issue and
> knowing which tool to select for your particular
> needs is great... but if
> comparison testing could also incorporate a matrix
> which aligned reported
> results with actual ports/systems in the testbed for
> accuracy that would
> rock.
>
> my 2 pesos
>
> --
> Erin Carroll
> Moderator
> SecurityFocus pen-test list
> "Do Not Taunt Happy-Fun Ball"
>
> > -----Original Message-----
> > From: listbouncesecurityfocus.com
> > [mailto:listbouncesecurityfocus.com] On Behalf Of
> Tyler Reguly
> > Sent: Tuesday, February 05, 2008 10:42 PM
> > To: krymsongmail.com
> > Cc: pen-testsecurityfocus.com
> > Subject: Re: Port Scanner Challenge Revisited:
> Nmap,
> > Unicornscan, Portbunny
> >
> > I have put the comment out at one point that I
> would be more
> > than happy to perform additional tests be they
> against
> > individual hosts or a large network... I will
> happily
> > comply... One of the problems is that unicorn scan
> needs to
> > be "tuned" against each specific network as Robert
> mentioned
> > to me in a previous email... and to me that
> becomes a hit
> > against right off the bat... if I have to scan and
> tune and
> > scan and tune... that defeats the purpose. If the
> authors
> > want a large sampling... and want to see
> independent
> > results... I'm more than willing to do it, but
> don't tell me
> > I need to continually tune your product... Thing
> of the added
> > time to pen tests and audits. Scan once and
> potentially wait
> > a few seconds longer (although in most cases you
> didn't have
> > to wait as long) or scan numerous times, tuning
> each time so
> > that ultimately you have one scan that was
> faster... but
> > you've done numerous scans.
> >
> > Either way... Authors... give me your idea scan
> line for a
> > large target base and I'll test them and post
> speed and
> > accuracy results.
> >
> > On 4 Feb 2008 21:29:50 -0000, krymsongmail.com
> > <krymsongmail.com> wrote:
> > > At some point I'm hoping someone does a more
> in-the-field
> > test. I know Portbunny and maybe Unicornscan are
> more suited
> > to larger scans, realizing their gains over time.
> Rather than
> > against one system or a couple home systems, I'd
> love to see
> > results over a larger target range.
> > >
> > >
> >
>
----------------------------------------------------------------------
> > > --
> > > This list is sponsored by: Cenzic
> > >
> > > Need to secure your web apps NOW?
> > > Cenzic finds more, "real" vulnerabilities fast.
> > > Click to try it, buy it or download a solution
> FREE today!
> > >
> > > http://www.cenzic.com/downloads
> > >
> >
>
----------------------------------------------------------------------
> > > --
> > >
> > >
> >
> >
>
--------------------------------------------------------------
> > ----------
> > This list is sponsored by: Cenzic
> >
> > Need to secure your web apps NOW?
> > Cenzic finds more, "real" vulnerabilities fast.
> > Click to try it, buy it or download a solution
> FREE today!
> >
> > http://www.cenzic.com/downloads
> >
>
--------------------------------------------------------------
> > ----------
> >
>
>
>
------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE
> today!
>
> http://www.cenzic.com/downloads
>
------------------------------------------------------------------------
>
>

      ____________________________________________________________________________________
Looking for last minute shopping deals?
Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------