This has been interesting...

It started out as a comparison between nmap and UnicornScan and the recently released PortBunny. The results were interesting... and it spanned a couple of blog posts.

Port Scanner Challenge
And the winner is...
Port Scanner Challenge Update

What made this really interesting was that someone associated with UnicornScan jumped in and jumped all over the results... and then went so far to run his own "unbiased" tests... even though I'm independent and he's not.

Essentially, UnicornScan relies on the user to set the transmission rate... it apparently finds throttling to be too difficult of a task... In order to "properly" use UnicornScan you need plenty of experience and you have to be willing to run multiple scans to tweak the speed. Which apparently every network admin and security admin wanting to quickly scan a box, should have time to do... I'm assuming that some people have never worked in a busy environment. I mean 10 scans at 10 - 60 seconds per scan to get down to that 10 second scan, or 1 scan at 30 seconds (picking arbitrary numbers for comparison here)... the 1 scan is the clear winner. So yeah... it's proved interesting... I've also asked that each software's author provide me with the best string for their product (to optimize it to the max for a single, generic scan) and again I've been told you can't scan with UnicornScan unless you are willing to perform multiple scans to properly tune the speed.

Anyways... enjoy.