...got in a discussion with a colleague reagrding the amount of network traffic generated by a simple hostscan in ettercap. I'm under the impression such a scan generates a minimal amount of traffic reading the arp tables. My co-worker insists such a scan puts a network at risk. A host scan doesn't use arp spoofing, does it? Thanks.

p.s. -- also noted Irongeek's site is gone. Any word from the man about that?