Say ACK to PortBunny

By cyberphob1a

It’s really amazing: there are some things you use every day without even thinking about them. Thankfully, there are other people who do think about those things and how to improve them.

For me, nmap was always the state-of-the-art port scanner. OK, so scanning large networks with many filtered ports takes a long time, but that’s just the time it needs, isn’t it?

Apparently it’s not for FX and Fabian Yamaguchi from Recurity Labs. At the 24c3 they presented their new TCP SYN port scanner, PortBunny. The amazing thing about the scanner is its speed. It runs as a kernel module and sends out triggers to which it knows there will be a response in order to identify network congestion. Thanks to the triggers, it can adjust the speed at which it sends out its probes to as close to the optimum as possible. Have a look at their slides to see how it works in detail. They also have a comparison between nmap and PortBunny.

I’m curious how long it will take for Fyodor from insecure.org to update his nmap accordingly :)
