Clarify discovery method #48

Open
wants to merge 1 commit into
base: develop

Contributor

@IamLunchbox IamLunchbox commented Jan 8, 2025

Currently, network_discovery uses ICMP, as can be seen here

@rboucher-me
Contributor

@IamLunchbox we are currently working on leveraging additional discovery capabilities of Nmap, including TCP port scanning, that will make this change inaccurate. Is that something that would interest you? Do you have thoughts on how such discovery should be configured and controlled? (for example, only scan a pre-defined set of ports or have the ability to configure what ports to scan?)

@IamLunchbox
Contributor Author

I think that would be a very nice addition to improve the IPAM and observability possibilities of NetBox! If orb would automatically populate service facts of a given IP address, this knowledge could, for example, be used to audit for documentation and configuration errors.

In that regard, I'd like to add that it would be nice if more IPAM fields could be populated by orb. For example, I would like to tag and PTR the scanned IP addresses as well. But currently, PTR would require a custom script and all tagging / comments would currently apply for ALL findings, since several policy entries are heavily deduplicated.

I suppose at least the following customizations to a scan could be interesting for many users:

  • TCP scans (full TCP handshake) with ICMP being optional
  • UDP scans with ICMP being optional
  • Tweaking of parallelization / speed - some old devices (e.g. ICS, old FWs with small state tables) might not like too fast scans
  • Setting of IP ranges as a list, ranges or using the Nmap built-in top 10/100/1000
