We covered a brief introduction to port scanning and its techniques in the previous topic. Here we look at the requirements of a good port scanner.
Dynamic delay time calculations: A scanner has to know how long to wait for a reply before it gives up on a probe, and that delay depends on the round-trip time to the target. You could measure it with ping, which gets a reply for every probe, but that is cumbersome, and ICMP is often filtered anyway. A simpler way is to connect() to a port on the target that you expect to be closed: the RST comes back roughly one round trip later, which gives your scanner an initial delay estimate. Simple, isn't it?
Parallel Port Scanning: Scanners traditionally probe ports linearly, one at a time, until the whole list has been covered. That old technique only performs acceptably for TCP on a fast network. Check whether your port scanner can probe many ports in parallel, because you will often have to cover a large address range or a wide area network, where waiting one full timeout per port is far too slow.
Flexible Port Specification: Do you really need to scan all 65535 ports? Doing so is slow and tiresome, and scanners that only let you scan ports 1 to N often fall short of what an intruder (or an assessor) needs. Check that your scanner accepts arbitrary port lists and ranges (for example 22,80,443,8000-8100) so you can concentrate on the ports that matter.
Flexible target specification: On a larger network you will want to scan more than one or two hosts, so your port scanner should accept flexible target specifications such as host lists, address ranges and CIDR blocks rather than a single address at a time.
Retransmission: Sending a probe and collecting the response is the oldest scanning technique, but it breaks down when packets are dropped. A lost SYN or SYN/ACK turns an open port into an apparently filtered one (a false negative), and in scan types where silence is taken to mean open, such as UDP or FIN scans, a dropped RST makes a closed port look open (a false positive). Check whether your scanner retransmits probes automatically when no answer arrives.
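The five requirements above can be seen together in a small TCP connect scanner. The following Python is an added example written for this page, not code from the original article or from any particular scanner: it estimates the delay by connect()ing to a port assumed to be closed, accepts port ranges and CIDR target lists, probes all (host, port) pairs in parallel from a thread pool, and retransmits unanswered probes with a growing timeout. The function names, the 4x-RTT rule of thumb with a 0.1 s floor, and the loopback self-check in demo() are assumptions of this example, not something the article specifies.

```python
import ipaddress
import socket
import time
from concurrent.futures import ThreadPoolExecutor


def parse_ports(spec):
    """'22,80,443,8000-8010' -> sorted unique ports; rejects anything outside 1-65535."""
    ports = set()
    for part in filter(None, (p.strip() for p in spec.split(","))):
        lo, _, hi = part.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 1 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range: {part!r}")
        ports.update(range(lo, hi + 1))
    return sorted(ports)


def parse_targets(spec):
    """'10.0.0.5,192.168.1.0/30,localhost' -> list of hosts; CIDR blocks are expanded."""
    targets = []
    for part in filter(None, (p.strip() for p in spec.split(","))):
        try:
            net = ipaddress.ip_network(part, strict=False)
        except ValueError:
            targets.append(part)            # not an address: keep it as a hostname
            continue
        hosts = [net.network_address] if net.num_addresses == 1 else net.hosts()
        targets.extend(str(h) for h in hosts)
    return targets


def probe_timeout(host, closed_port, attempts=3, floor=0.1):
    """Dynamic delay calculation without ping: connect() to a port believed closed and
    time the RST. Per-probe timeout is 4x the worst sample (assumed rule), never below floor."""
    samples = []
    for _ in range(attempts):
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(2.0)
        t0 = time.monotonic()
        try:
            s.connect((host, closed_port))
        except OSError:
            pass                            # refused (expected) or timed out: still a sample
        finally:
            samples.append(time.monotonic() - t0)
            s.close()
    return max(floor, 4 * max(samples))


def scan_port(host, port, timeout, retries=2):
    """TCP connect scan of one port. An unanswered probe is retransmitted up to `retries`
    times with the timeout doubled, so one lost SYN or SYN/ACK is not a false negative."""
    for attempt in range(retries + 1):
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.settimeout(timeout * 2 ** attempt)
        try:
            s.connect((host, port))
            return "open"
        except ConnectionRefusedError:
            return "closed"                 # RST seen: definitive, no retransmission
        except (socket.timeout, TimeoutError):
            continue                        # silence: possibly dropped, send again
        except OSError:
            return "error"                  # e.g. host or network unreachable
        finally:
            s.close()
    return "filtered"


def scan(targets, ports, timeout, retries=2, workers=64):
    """Parallel scan: all (host, port) pairs are probed from a thread pool instead of
    one after another, so wall time is bounded by the slowest probe, not their sum."""
    pairs = [(h, p) for h in targets for p in ports]
    with ThreadPoolExecutor(max_workers=workers) as pool:
        states = pool.map(lambda hp: scan_port(*hp, timeout, retries), pairs)
        return dict(zip(pairs, states))


def demo():
    """Constructed loopback self-check: a listening socket (open) and an ephemeral port
    we bind and then release (closed). Returns (results, open_port, closed_port)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(5)
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind(("127.0.0.1", 0))
    open_port, closed_port = listener.getsockname()[1], tmp.getsockname()[1]
    tmp.close()
    try:
        timeout = probe_timeout("127.0.0.1", closed_port)
        results = scan(parse_targets("127.0.0.1"), parse_ports(f"{open_port},{closed_port}"), timeout)
    finally:
        listener.close()
    return results, open_port, closed_port


if __name__ == "__main__":
    for (host, port), state in sorted(demo()[0].items()):
        print(f"{host}:{port} {state}")
```

Run on its own, the script scans only its own loopback interface; against a real network you would call scan(parse_targets("192.168.1.0/24"), parse_ports("22,80,443,8000-8100"), probe_timeout(host, closed_port)) with a port you have reason to believe is closed on that host. Note that a connect() scan completes the TCP handshake, so every open port it finds is visible to the listening service and its logs; that is the price of not needing raw sockets, and it is why half-open SYN scanners exist.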
These are the primary considerations. Secondary considerations include down-host detection, detecting your own IP address, IP (host) sweeping and so on.