Performance evaluation of network scanning tools with operation of firewall

As the number of devices connected to the Internet has been exponentially increasing, the degree of threats to those devices and networks has been also increasing. Various network scanning tools, which use fingerprinting techniques, have been developed to make the devices and networks secure by providing the information on its status. However, the tools may be used for malicious purposes. Using network scanning tools, attackers can not only obtain the information of devices such as the name of OS, version, and sessions but also find its vulnerabilities which can be used for further cyber-attacks. In this paper, we compare and analyze the performances of widely used network scanning tools such as Nmap and Nessus. The existing researches on the network scanning tools analyzed a specific scanning tools and they assumed there are only small number of network devices. In this paper, we compare and analyze the performances of several tools in practical network environments with the number of devices more than 40. The results of this paper provide the direction to prevent possible attacks when they are utilized as attack tools as well as the practical understanding of the threats by network scanning tools and fingerprinting techniques.