UDP scanning with the Metasploit auxiliary module is less comprehensive than UDP scanning with Nmap. It only targets a limited number of services, but it is highly effective at identifying live services on these ports and faster than most other available UDP scanning solutions.

The underlying principle behind Metasploit's SYN scan the auxiliary module is essentially the same as any other SYN scanning tool. For each port that is scanned, a SYN packet is sent, and the SYN+ACK responses are used to identify live services. Using Metasploit might be more appealing to some because of the interactive console and also because it is a tool that is already well known by most penetration testers.

The underlying principle that defines how a TCP connect scan is performed by Metasploit is the same as previously discussed with other tools. The advantage of performing this type of scan using Metasploit is that it can cut down on the total number of tools that one needs to familiarize oneself with.