01.13.08

Port Scanner Challenge: nmap, Unicornscan, PortBunny

Posted in IT, Reviews, Security, Software, Tools at 11:33 pm by Tyler Reguly

There's been quite a bit of mention lately of PortBunny, the new port scanner from Recurity Labs. The scanner is Linux kernel-based and provides a TCP SYN Scan. I figured that I'd put the scanner to the test against nmap and Unicornscan.

Here's the rundown of the setup used:

Software + Version:

• Unicornscan 0.4.7-2
• nmap 4.53
• PortBunny 1.0

Scanning Host:
OS: Ubuntu 7.10
Kernel: 2.6.22-14-generic
Processor: Intel Pentium M 2.13Ghz
RAM: 1GB

Install Process:

1. Obtain archive
2. Extract archive
3. ./configure *No custom config options used for any of the software*
4. make
5. make install

Tested via Python:
Test Script (Note: I can't get my lines to tab properly, so tab over the four lines following def test):

import time, os

def test ( prog ) :
startTime = time.time()
os.system( prog )
endTime = time.time()
print ( 'Execution Time: %f' % ( endTime - startTime ) )

Targets:

• vista - Vista Home Premium
• shell - Ubuntu 6.06.1 LTS (2.6.15-28-powerpc)
• minibox - OS X 10.4.11
• printer - HP LaserJet 4MV
• gateway - m0n0wall 1.231

Scan Notes:

• PortBunny requires an IP Address, it won't run against hostnames.
• PortBunny doesn't sort the results list.
• Unicornscan missed all ports on printer and gateway when scanning ports 1 - 65535.
• PortBunny missed a port on printer when scanning ports 1 - 65535.
• nmap missed 2 ports on printer when scanning with -T5 --max-retries 0.

Results:

Raw Data, including ports found, after the jump.

Raw Data:

UnicornScan (No Flags)
vista: 8.231500 (3 ports: 135, 139, 445)
shell: 9.165131 (1 port: 22)
minibox: 8.742175 (3 ports: 22, 139, 445)
printer: 8.247121 (1 port: 23)
gateway: 9.254548 (1 port: 443)

UnicornScan (target:1-65535)
vista: 13.311627 (14 ports: 135, 139, 445, 912, 990, 3300, 5243, 5357, 49152-49157)
shell: 12.618381 (2 ports: 22, 22222)
minibox: 23.914155 (3 ports: 22, 139, 445)
printer: 13.418802 ( No Results )
gateway: 25.703069 ( No Results )

nmap (No Flags)
vista: 14.247429 (5 ports: 135, 139, 445, 912, 990)
shell: 1.459821 (1 port: 22)
minibox: 12.813033 (3 ports: 22, 139, 445)
printer: 15.712642 (3 ports: 23, 515, 9100)
gateway: 13.748654 (2 ports: 53, 443)

nmap (-p 1-65535)
vista: 46.718391 (14 ports: 135, 139, 445, 912, 990, 3300, 5243, 5357, 49152-49157)
shell: 3.512229 (2 ports: 22, 22222)
minibox: 524.289407 (3 ports: 22, 139, 445)
printer: 520.515789 (4 ports: 23, 515, 9099, 9100)
gateway: 521.966512 (2 ports: 53, 443)

nmap (-T5 --max-retries 0)
vista: 0.738913 (5 ports: 135, 139, 445, 912, 990)
shell: 0.454034 (1 port: 22)
minibox: 1.111805 (3 ports: 22, 139, 445)
printer: 1.617320 (1 port: 23)
gateway: 1.374272 (2 ports: 53, 443)

nmap (-T5 --max-retries 0 -p 1-65535)
vista: 8.418148 (14 ports: 135, 139, 445, 912, 990, 3300, 5243, 5357, 49152-49157)
shell: 2.463647 (2 ports: 22, 22222)
minibox: 16.159884 (3 ports: 22, 139, 445)
printer: 19.497723 (1 port: 23)
gateway: 15.732872 (2 ports: 53, 443)

PortBunny (No Flags)
vista: 18.304994 (5 ports: 139, 990, 135, 445, 912)
shell: 0.671106 (1 port: 22)
minibox: 11.71634 (3 ports: 139, 445, 22)
printer: 27.348082 (3 ports: 515, 9100, 23)
gateway: 16.010657 (2 ports: 443, 53)

PortBunny (-p 1-65535)
vista: 642.486770 (14 ports: 135, 139, 445, 912, 990, 3300, 5243, 5357, 49152-49157)
shell: 3.037339 (2 ports: 22, 22222)
minibox: 496.809214 (3 ports: 139, 445, 22)
printer: 927.133742 (2 ports: 515, 23)
gateway: 597.609687 (2 ports: 443, 53)

Permalink