Nmap Announce mailing list archives
NMAP 2.03 busted on linux?
From: Lamont Granquist <lamontg () raven genome washington edu>
Date: Wed, 27 Jan 1999 16:20:22 -0800
following runs are from fresh sources, untarred and then rebuilt. i don't think i'm doing anything wrong. system is redhat 5.2 with 2.0.36, latest RPMs AFAIK and with ipfwadm turned off. the 2.01 prediction that it is digital unix 4.0 is correct. nmap/nmap-2.01 # ./nmap -sS -O foobar Starting nmap V. 2.01 by Fyodor (fyodor () dhp com, www.insecure.org/nmap/) Interesting ports on foobar (207.46.130.149): Port State Protocol Service 13 open tcp daytime 21 open tcp ftp 22 open tcp unknown 23 open tcp telnet 25 open tcp smtp 79 open tcp finger 111 open tcp sunrpc 513 open tcp login 514 open tcp shell 515 open tcp printer 869 open tcp unknown 1024 open tcp unknown 1025 open tcp listen 1026 open tcp nterm TCP Sequence Prediction: Class=random positive increments Difficulty=189 (Medium) Remote operating system guess: Digital UNIX OSF1 V 4.0,4.0B,4.0D Nmap run completed -- 1 IP address (1 host up) scanned in 2 seconds nmap/nmap-2.01 # cd .. security/nmap # cd nmap-2.03 nmap/nmap-2.03 # ./nmap -sS -O foobar Starting nmap V. 2.03 by Fyodor (fyodor () dhp com, www.insecure.org/nmap/) Interesting ports on foobar (207.46.130.149): Port State Protocol Service 13 open tcp daytime 21 open tcp ftp 22 open tcp unknown 23 open tcp telnet 25 open tcp smtp 79 open tcp finger 111 open tcp sunrpc 513 open tcp login 514 open tcp shell 515 open tcp printer 869 open tcp unknown 1024 open tcp unknown 1025 open tcp listen 1026 open tcp nterm TCP Sequence Prediction: Class=random positive increments Difficulty=150 (Medium) No OS matches for host (see http://www.insecure.org/cgi-bin/nmap-submit.cgi). TCP/IP fingerprint: TSeq(Class=RI%gcd=1%SI=127) TSeq(Class=RI%gcd=1%SI=7D) TSeq(Class=RI%gcd=1%SI=96) T1(Resp=Y%DF=Y%W=805C%ACK=S++%Flags=AS%Ops=MNW) T2(Resp=N) T3(Resp=Y%DF=Y%W=805C%ACK=O%Flags=A%Ops=) T4(Resp=Y%DF=N%W=8000%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=N%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=0%IPLEN=38%RIPTL=148%RID=E%RIPCK=E%UCK=0%ULEN=134%DAT=E) Nmap run completed -- 1 IP address (1 host up) scanned in 6 seconds -- Lamont Granquist lamontg () raven genome washington edu Dept. of Molecular Biotechnology (206)616-5735 fax: (206)685-7344 Box 352145 / University of Washington / Seattle, WA 98195 PGP pubkey: finger lamontg () raven genome washington edu | pgp -fka
Current thread:
- OS-Finger printing Nishad Herath (Jan 24)
- Re: OS-Finger printing Adam Shostack (Jan 24)
- <Possible follow-ups>
- Re: OS-Finger printing johann sebastian bach (Jan 24)
- NMAP 2.03 busted on linux? Lamont Granquist (Jan 27)
- Re: NMAP 2.03 busted on linux? Lamont Granquist (Jan 27)
- Re: NMAP 2.03 busted on linux? HD Moore (Jan 27)
- NMAP 2.03 busted on linux? Lamont Granquist (Jan 27)