Nmap Development mailing list archives
Re: Comments on OS detection 2nd generation (soft fingerprinting)
From: Fyodor <fyodor () insecure org>
Date: Sat, 27 May 2006 00:50:16 -0700
On Sat, May 27, 2006 at 12:40:23AM -0400, Joshua D. Abraham wrote:
What I was suggesting is that the user may want to verify the version detection and sometimes the banner is a useful way of doing so.
Another good way is the --version-trace option, which shows the data sent and received in real time. For example: syn~>nmap -sV --version-trace -p22 scanme.nmap.org Starting Nmap 4.03 ( http://www.insecure.org/nmap/ ) at 2006-05-27 00:44 PDT Hostupdate called for machine 205.217.153.62 state UNKNOWN/COMBO -> HOST_UP (trynum 0, dotimeadj: yes time: 271) Finished block: srtt: 393 rttvar: 5000 timeout: 100000 block_tries: 1 up_this_block: 1 down_this_block: 0 group_sz: 1 massping done: num_hosts: 1 num_responses: 1 mass_rdns: Using DNS server 127.0.0.1 mass_rdns: Using DNS server 205.217.152.16 Performing system-dns for 1 domain names that use CNAMEs DNS resolution of 1 IPs took 0.20s. Mode: Async [#: 2, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 1] NSOCK (0.3900s) TCP connection requested to 205.217.153.62:22 (IOD #1) EID 8 NSOCK (0.3940s) nsock_loop() started (no timeout). 1 events pending NSOCK (0.3940s) Callback: CONNECT SUCCESS for EID 8 [205.217.153.62:22] NSOCK (0.3940s) Read request from IOD #1 [205.217.153.62:22] (timeout: 6000ms) EID 18 NSOCK (0.3980s) Callback: READ SUCCESS for EID 18 [205.217.153.62:22] (20 bytes): SSH-2.0-OpenSSH_4.3. Starting RPC scan against scanme.nmap.org (205.217.153.62) Interesting ports on scanme.nmap.org (205.217.153.62): PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 4.3 (protocol 2.0) Final times for host: srtt: 372 rttvar: 3791 to: 100000 Nmap finished: 1 IP address (1 host up) scanned in 0.401 seconds syn~> Cheers, Fyodor _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- Re: Comments on OS detection 2nd generation, (continued)
- Re: Comments on OS detection 2nd generation Arturo 'Buanzo' Busleiman (May 26)
- Re: Comments on OS detection 2nd generation Joshua D. Abraham (May 26)
- Re: Comments on OS detection 2nd generation (soft fingerprinting) Brandon Enright (May 26)
- Re: Comments on OS detection 2nd generation (soft fingerprinting) Joshua D. Abraham (May 26)
- Re: Comments on OS detection 2nd generation (soft fingerprinting) Fyodor (May 26)
- Re: Comments on OS detection 2nd generation (soft fingerprinting) Joshua D. Abraham (May 26)
- Re: Comments on OS detection 2nd generation (soft fingerprinting) Fyodor (May 26)
- Re: Comments on OS detection 2nd generation (soft fingerprinting) Joshua D. Abraham (May 26)
- Re: Comments on OS detection 2nd generation (soft fingerprinting) Fyodor (May 26)
- Re: Comments on OS detection 2nd generation (soft fingerprinting) Joshua D. Abraham (May 26)
- Re: Comments on OS detection 2nd generation (soft fingerprinting) Fyodor (May 27)
- Re: Comments on OS detection 2nd generation (soft fingerprinting) Joshua D. Abraham (May 27)