Security Basics mailing list archives

Re: Help understanding NMAP results

From: "mike king" <ngiles () hushmail com>
Date: Mon, 11 Jul 2005 14:41:49 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

How many times did you scan your self from your friends house?
are you familiar with false positives?
The os detection is working because your box is still answering to
ICMP, FIN, ACK.
Nmap runs a serious tests to figure out guess what OS is running.
Nmap sT vvv O p 1-1024 destination-ip

Just an example::
T1(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)
T2(Resp=N)
T3(Resp=Y%DF=Y%W=FFFF%ACK=S++%Flags=AS%Ops=MNWNNT)

5190 you are correct sir is for the aol instant messenger service
on their servers.

Hope this helps.

-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkLS55EACgkQUjm7xSZSd8E0bQCaAs+v1aJm6qpATxUAXbdKVXY9thUA
n2W2aIeuZV2ISCzUOyLDYxzWhx49
=oQEu
-----END PGP SIGNATURE-----

Current thread:

Help understanding NMAP results Theodore Wynnychenko (Jul 11)
- Re: Help understanding NMAP results Nikolai Alexandrov (Jul 12)
- Re: Help understanding NMAP results Emmanuel Goldstein (Jul 12)
- Re: Help understanding NMAP results forums () kentane net (Jul 12)
- Re: Help understanding NMAP results cygnuz1979 (Jul 12)
- Re: Help understanding NMAP results Sander (Jul 26)
- <Possible follow-ups>
- Re: Help understanding NMAP results mike king (Jul 12)