One aspect that is currently missing in the draft is the idea of communicating your measurement intentions overtly. I.e. it should be easy for a network admin to understand that an alert in their IDS is related to a measurement campaign rather than an attack.
Possibilities to overtly communication your measurement intentions are:
Run a webserver on the measurement machine to clearly describe the measurement
Use informative rDNS names for your measurement machines (e.g., http-measurement.example.com)
Provide information about the nature of the measurement in application protocol fields (e.g., HTTP header, client name in the SSH protocol field,…)
One aspect that is currently missing in the draft is the idea of communicating your measurement intentions overtly. I.e. it should be easy for a network admin to understand that an alert in their IDS is related to a measurement campaign rather than an attack.
Possibilities to overtly communication your measurement intentions are:
More context can also be found in Section 5 (Scanning and Good Internet Citizenship) of the original ZMap paper: https://www.usenix.org/system/files/conference/usenixsecurity13/sec13-paper_durumeric.pdf