Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

nmap: OS hints from service versions

From: Vasiliy Kulikov <segooon () gmail com>
Date: Sun, 8 May 2011 23:08:23 +0400
Hi,

Rather often I get interesting results:

    PORT     STATE  SERVICE VERSION
    ...
    22/tcp   open   ssh     OpenSSH 5.1p1 Debian 5 (protocol 2.0)
    ...
    Device type: general purpose|firewall
    Running (JUST GUESSING): Linux 2.6.X (93%), ISS Linux 2.4.X (87%)
    Aggressive OS guesses: Linux 2.6.18 (93%), ISS Proventia GX3002 firewall
    (Linux 2.4.18) (87%), Linux 2.6.22 (85%), Linux 2.6.9 - 2.6.27 (85%),
    Linux 2.6.30 (85%)

Or even (still with scanned tcp 22 port):

    Running (JUST GUESSING): OpenBSD 4.X (91%)
    Aggressive OS guesses: OpenBSD 4.0 (91%)
    No exact OS matches for host (test conditions non-ideal).

While ssh server version gives very presice information about what
OS version the machine runs, I get very obscure OS results.  Here I'm
almost sure the machine runs Debian 5 (Lenny) with kernel 2.6.26.
I'm almost sure that some other services also disclosure Linux
distibutive version.  Is there currently any way to pass these hints to
OS version detection engine or at least show these hints in separated
output block (e.g. via script)?

Thanks,

-- 
Vasiliy
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: