GSoC community ideas/Exploring port scanning from within NSE

From SecWiki

Being able to write port scanning modules for NSE might open new opportunities. Some experiments have been done, showing that NSE could be well suited to writing application-based port scanners (like ftp-bounce). It would lighten Nmap's core and allow implementations to make use of existing libraries. It would also ease prototyping of new scan techniques. See http://seclists.org/nmap-dev/2011/q2/307

Fyodor told nmap-dev about a paper that shows two novel and very interesting scan techniques. We might want Nmap to be able to leverage them. See: http://seclists.org/nmap-dev/2011/q2/280

Port scanning from within NSE could also become a way to run scans behind proxies, as the NSE stack is already proxy-aware.