> On Thu, Oct 23, 2003 at 11:16:40AM -0500, Shawn Wallis wrote:
> > I believe the default "bandwidth" setting is 10m for scanrand...
> >
> > By setting this back, you can easily match your link..
>
> How do you know that the target link is ? How do you know if there is
> not something else on the network using bandwidth on that link ?

By doing the test I mentioned before.... With scanrand, you can scan the same ports multiple times, within the same session. When I finally bring my bandwidth down to an acceptable rate, I usually end up going about half that just to be certain I don't miss anything...

In my practices, I usually just use certain aspects of scanrand, but depend on nmap for the bulk of my work. Nmap is much more user friendly and dependable, plus the amount of intelligence that has been put into it to accomplish that, versus the points you brought up in scanrand, just makes me trust it more... Plus, Fyodor is much more active in development..

> My main gripe with scanrand is that it assumes the conditions are
> perfect, like in a lab. If you want a moderately fast port scanner to
> scan firewalled hosts, then use Nessus's synscan which computes the
> time it takes for packets to go back and forth. As a result, if one link
> on the way is too slow, you still get an accurate result.

I'm not that familiar with Nessus's synscan, but nmap is very quick when using the timing adjustments...

- Shawn
