Three Network Scanners to Consider

The following three network scanners are covered in this chapter. Here's a quick introduction to each of them and where to get them:

Nmap (http://www.insecure.org/nmap/)

Nmap is the oldest, most popular, and most feature-rich of the three scanners. First released in 1997, it has seen four major releases in the past decade. Nmap is widely available for most Unix platforms as well as Windows, and has both command-line and graphical interfaces. Nmap has been integrated into a number of commercial security products as well.

Unicornscan (http://www.unicornscan.org/)

While Unicornscan isn't quite as feature-rich as Nmap, it was designed with speed and scalability in mind. The packet-per-second rate can be precisely controlled, allowing very fast scans or deliberately slower ones that stay within the limits of the network. Unicornscan also supports sophisticated UDP scans by speaking the application protocol instead of sending empty probe packets. Precompiled packages are available for only a few operating systems; otherwise, it must be compiled from source code.

Scanrand (http://www.doxpara.com/paketto/)

Scanrand is part of the Paketto Keiretsu toolkit by Dan Kaminsky. While it has the most limited feature set of the tools presented here, it is designed with one thing in mind: sheer speed. Scanrand uses a clever technique of encoding information in the headers of TCP SYN packets, allowing for very fast stateless scanning of a large set of addresses and ports. Scanrand and Paketto packages are available for most Unix operating systems.
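The stateless idea behind Scanrand, as an added illustration that is not code from the book or from Paketto Keiretsu: the sender derives each SYN's sequence number from the target address and port with a keyed hash, so replies can be validated from their headers alone, with no table of outstanding probes. The HMAC-SHA256 construction, the constant secret and the sample replies below are assumptions made for this example; Scanrand's own encoding is not described here, and nothing is sent on the network.

```python
import hashlib
import hmac
import ipaddress
import struct

# Constructed demo key; a real run would use a fresh random key per scan.
SECRET = b"constructed-example-secret"

# TCP flag bits (RFC 793).
SYN, RST, ACK = 0x02, 0x04, 0x10


def probe_seq(dst_ip: str, dst_port: int, secret: bytes = SECRET) -> int:
    """32-bit initial sequence number for the SYN sent to (dst_ip, dst_port).

    Because it is a keyed hash of the destination, it can be recomputed
    later from a reply's source address and port: no per-probe state."""
    msg = ipaddress.ip_address(dst_ip).packed + struct.pack("!H", dst_port)
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    return struct.unpack("!I", digest[:4])[0]


def classify_reply(src_ip: str, src_port: int, ack: int, flags: int,
                   secret: bytes = SECRET) -> str:
    """Classify one reply from its headers only.

    A genuine SYN-ACK or RST acknowledges our SYN, so its ACK number must be
    our cookie + 1 (mod 2**32). Anything else is stale, spoofed or simply not
    ours and is dropped without any lookup."""
    expected = (probe_seq(src_ip, src_port, secret) + 1) & 0xFFFFFFFF
    if ack != expected:
        return "invalid"
    if flags & SYN and flags & ACK:
        return "open"
    if flags & RST:
        return "closed"
    return "unexpected"


def summarise(replies) -> dict:
    """Count results for an iterable of (src_ip, src_port, ack, flags)."""
    counts = {"open": 0, "closed": 0, "invalid": 0, "unexpected": 0}
    for src_ip, src_port, ack, flags in replies:
        counts[classify_reply(src_ip, src_port, ack, flags)] += 1
    return counts


# Constructed replies: two genuine answers and one with a bogus ACK number.
SAMPLE_REPLIES = [
    ("192.0.2.10", 80, probe_seq("192.0.2.10", 80) + 1, SYN | ACK),
    ("192.0.2.10", 22, probe_seq("192.0.2.10", 22) + 1, RST | ACK),
    ("192.0.2.10", 443, 0x12345678, SYN | ACK),
]
```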