When nmap can't ID the OS...

From: Derek Fountain (dflists_at_iinet.net.au)
Date: 11/26/04

  • Next message: Carlos Garcia: "Re: deny access" 
    To: security-basics@lists.securityfocus.com
Date: Fri, 26 Nov 2004 16:40:22 +0800

    I have a remote server, which according to Netcraft, is running IIS-5.0 on
    Windows2000. I don't know for sure if that's the case, but it is believable.

    When I used nmap (3.75) to ID the OS on it, it says it doesn't know. The
    machine has several ports open and none filtered, so I'd have thought nmap
    could work it out. I have a local machine running W2K and nmap can ID that
    (at least as far as telling me it's running some version on Windows).

    What could be up with the remote machine that stops nmap IDing the OS it is
    running?

  • Next message: Carlos Garcia: "Re: deny access"

    Relevant Pages

    • Re: will it log my IP
      ... Nmap will probably get logged by most firewalls at most sites as an attempt to ... In general there are ways to mask and spoof IP addresses and hide locations. ... Stamitz wrote: ... etc. to look at a remote server, will my IP be logged on that server? ...
      (alt.computer.security)
    • nmap inconsistent results - via intermedite router?
      ... When I run an nmap from my home machine to the internet machine, ... reports the 5190 port as open amongst the usual ssh etc. ... But why does an outgoing request, targetted at a remote server then ...
      (comp.security.firewalls)
    • Re: ipfw with logging.
      ... I am running Freebsd 62 P5. ... : I have compiled the kernel with the following options: ... When I nmap -vv this server from a remote server, ...
      (comp.unix.bsd.freebsd.misc)
    • will it log my IP
      ... If I use a ping command to visit a remote server, or if I use Nmap, Lanspy ...
      (alt.computer.security)