Re: OS detection problem

[Fyodor <fyodor () insecure org>]

On Sun, Mar 23, 2008 at 10:24:43PM -0300, João Medeiros wrote:
> Hi Sara,
>
>     I tested this FP with my application and the most four closely system was:
>
>     - [5.374400] Cisco VPN 3000 Concentrator VPN platform (software
> version 4.7.2.D)
>     - [5.391158] HP LaserJet 4350 printer
>     - [5.468121] D-Link DGS-3324SR or DSG-3612G switch
>     - [5.583666] Juniper Networks M10 or M320 router (JUNOS 7.4R3.4)
>
>     The value between braces is the Euclidean distance.

Interesting.  If she had done --osscan-guess, these are the four
closest matches Nmap would have shown:

 86%  7568 Juniper Networks M10 or M320 router (JUNOS 7.4R3.4) (Juniper | JUNOS | 7.X | router)
 86%  7585 Juniper Networks Olive (JUNOS 7.5-20060511, FreeBSD based) (Juniper | JUNOS | 7.X | router)
 86%  7619 Juniper Networks M series router (JUNOS 8.3R2.8) (Juniper | JUNOS | 8.X | router)
 86% 19098 Yamaha NetVolante RT58i router (Yamaha | embedded || router)

Now I'm curious as to what the system really runs :).  Nmap's results
are more precise in that the guesses are all routers (the first three
being Juniper routers), but that doesn't mean that Nmap is more
accurate.  It is possible to be very precise, and wrong.  Maybe Sara
can send us the whole output, using the -A option.  Or maybe she
happens to already know what the system is?

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org