Nmap Development mailing list archives

RE: Need help on Wrong OS detection by Nmap 5.0

From: "Rob Nicholls" <robert () robnicholls co uk>
Date: Thu, 24 Dec 2009 12:29:30 -0000

Hi,

Looking at the screenshot, you appear to be scanning the IP address that's associated with your Wireless LAN adapter. 
Without knowing how your access point works (as some are a bit quirky), it's possible that the device is manipulating 
the packets and causing the incorrect OS detection.

I'm also surprised to see 988 closed ports, but I'm assuming you disabled your firewall in order to get Nmap to see an 
open and closed port to try and improve the accuracy?

You might want to check how your guest accesses the network. Did you go with a bridged network (some wireless cards 
have issues allocating a DHCP address to a guest, so you might want to use the Ethernet connection) or can you use the 
VMWare Virtual Private Network to scan the host (e.g. the 192.168.8.1 address?) as this might help you gain more 
accurate results.

I assume the incorrect OS detection can be consistently produced? It might help us if you can provide the Nmap output 
after adding the -d option to the command to enable debugging.

Rob

-----Original Message-----
From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of Jaisankar
Sent: 24 December 2009 02:07
To: nmap-dev () insecure org
Subject: Need help on Wrong OS detection by Nmap 5.0

Hi All,

       Merry Christmas & Happy New year

       This is my first email to you. I am new to Nmap tool, started learning from your book "Nmap Network Scanning". 
Thanks for the great open source tool.
         I have Windows Vista as base OS and installed VM ware 7.0 on it. I installed Windows 2003 on VMware and 
bridged the network. On windows 2003 VM OS, i installed the newly downloaded Nmap 5.0 GUI version for windows. I only 
set my IP address (192.168.1.2 - my base Vista OS) in the Target IP and left the default intense  scan in the Profile. 
I got this strage OS detection result which i have attached in this mail.

           I am afraid, if Nmap couldnt find my local Base OS from its VM ware OS. Instead of Vista OS, it is guessing 
the OS as Apple OS X 10.5.5 Leopard,

         Please review it and reply.



regards,

Jaisankar.R


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Need help on Wrong OS detection by Nmap 5.0 Jaisankar (Dec 24)
- RE: Need help on Wrong OS detection by Nmap 5.0 Rob Nicholls (Dec 24)
- Re: Need help on Wrong OS detection by Nmap 5.0 David Fifield (Dec 24)
  - Re: Need help on Wrong OS detection by Nmap 5.0 Jaisankar (Dec 24)
    - Re: Need help on Wrong OS detection by Nmap 5.0 Jaisankar (Dec 29)