Re: Windows port question

["Roeland Th. Jansen" <nmap () grobbebol xs4all nl>]

On Mon, Jun 17, 2002 at 11:46:15AM -0400, Vassili Sukharev wrote:
> Hi, can somebody please tell me whether OS fingerprinting functionality has
> been tested on Windows? Here's what I got upon running against a working
> host on my network:
>
> Starting nmap V. 2.54BETA36 ( www.insecure.org/nmap )
> Note: Host seems down. If it is really up, but blocking our ping probes,
> try -P0
> Nmap run completed -- 1 IP address (0 hosts up) scanned in 43 seconds

grobbebol:~ # nmap -O w98

Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
Interesting ports on w98 (192.168.1.9):
(The 1548 ports scanned but not shown below are in state: closed)
Port       State       Service
139/tcp    open        netbios-ssn

Remote operating system guess: Windows NT4 / Win95 / Win98

Nmap run completed -- 1 IP address (1 host up) scanned in 2 seconds
grobbebol:~ #

this is w98 under vmware running on top of linux/X


and :


grobbebol:~ # nmap -O w2k

Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
Interesting ports on w2k (192.168.1.13):
(The 1544 ports scanned but not shown below are in state: closed)
Port       State       Service
22/tcp     open        ssh
135/tcp    open        loc-srv
139/tcp    open        netbios-ssn
445/tcp    open        microsoft-ds
1025/tcp   open        listen

Remote OS guesses: Windows Me or Windows 2000 RC1 through final release,
MS Windows2000 Professional RC1/W2K Advance Server Beta3, Windows
Millenium Edition v4.90.3000

Nmap run completed -- 1 IP address (1 host up) scanned in 2 seconds


so yes it works.

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).