Nmap Announce mailing list archives

Shiva fingerprint

From: "Sten Kalenda" <sten () rf roccadefinance nl>
Date: Wed, 16 Dec 1998 22:50:07 +0100

Responding to Fyodor's request here comes the Shiva AccessPort fingerprint

I'll incorporate these into nmap-os-fingerprints and when I get enough of
them I'll release a new version (of nmap, or possibly just send the
fingerprints file to the list).  Considering that there is already 300
people on this list, we should collectively have access to virtually every
mainstream type of machine out there.

Cheers,
Fyodor


Shiva SoHo router version:

AccessPort: system version

  Product name     : Shiva AccessPort Bridge/Router
  Serial number    : SAP121348
  Software version : 2.1.0 (1MB)  (10 Apr 1998)
  MC68360 CPU rev. : C
  ISDN variant     : S/T-ISDN
  Time running     :   21d 21h 54m 25s

  Interfaces : eth1      isdn2
  Protocols  : bridge    ip        ipx

  ISDN Software Version:

    SpiderISDN V4.00.00[0A], ETS 300 102 (EuroISDN)

fingerprint:
[root@stuiver /root]# nmap -sS -O -d 192.168.1.254

Starting nmap V. 2.00 by Fyodor (fyodor () dhp com, www.insecure.org/nmap/)
The first host is 192, and the last one is 192
The first host is 168, and the last one is 168
The first host is 1, and the last one is 1
The first host is 254, and the last one is 254
Packet capture filter: (icmp and dst host 192.168.1.1) or (tcp and dst host
192.
168.1.1 and ( dst port 62283 or dst port 62284 or dst port 62285 or dst port
622
86 or dst port 62287))
We got a ping packet back from 192.168.1.254: id = 51200 seq = 0 checksum =
1433
5
Hostupdate called for machne 192.168.1.254 state UNKNOWN/COMBO -> HOST_UP
(trynu
m 0, dotimeadj: yes time: 3473)
Finished block: srtt: 563 rttvar: 1126 timeout: 75000 block_tries: 1
up_this_blo
ck: 1 down_this_block: 0 group_sz: 1
massping done:  num_hosts: 1  num_responses: 1
Host fw.kalenda.nl (192.168.1.254) appears to be up ... good.
Starting pos_scan
Packet capture filter: (icmp and dst host 192.168.1.1) or (tcp and src host
192.
168.1.254 and dst host 192.168.1.1)
Initiating SYN half-open stealth scan against fw.kalenda.nl (192.168.1.254)
Adding TCP port 23 (state Open).
Adding TCP port 80 (state Open).
Done with round 0
The SYN scan took 3 seconds to scan 1035 ports.
Wait time is 200
Packet capture filter: (icmp and dst host 192.168.1.1) or (tcp and src host
192.
168.1.254 and dst host 192.168.1.1)
For OSScan assuming that port 23 is open and port 43257 is closed and
neither ar
e firewalled
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
Insufficient responses for TCP sequencing (0), OS detection will be MUCH
less re
liable
Wait time is 200
Packet capture filter: (icmp and dst host 192.168.1.1) or (tcp and src host
192.
168.1.254 and dst host 192.168.1.1)
For OSScan assuming that port 23 is open and port 37124 is closed and
neither ar
e firewalled
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
Insufficient responses for TCP sequencing (0), OS detection will be MUCH
less re
liable
Wait time is 200
Packet capture filter: (icmp and dst host 192.168.1.1) or (tcp and src host
192.
168.1.254 and dst host 192.168.1.1)
For OSScan assuming that port 23 is open and port 34347 is closed and
neither ar
e firewalled
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
WARNING:  RST from port 23 -- is this port really open?
Insufficient responses for TCP sequencing (0), OS detection will be MUCH
less re
liable
Interesting ports on fw.kalenda.nl (192.168.1.254):
Port    State       Protocol  Service
23      open        tcp        telnet
80      open        tcp        http

No OS matches for this host.  TCP fingerprints:
T1(Resp=Y%DF=N%W=244%ACK=S++%Flags=AS%Ops=M)
T2(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
T3(Resp=N)
T4(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
T5(Resp=Y%DF=N%W=0%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
T7(Resp=Y%DF=N%W=0%ACK=S%Flags=AR%Ops=)
PU(Resp=Y%DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)


Final times for host: srtt: 32724 rttvar: 11413  to: 78376
Nmap run completed -- 1 IP address (1 host up) scanned in 10 seconds
[root@stuiver /root]#


Groe10,
s10

Speaking for myself, of course
PGP Key ID 0D121CD9, created 1994/06/17

Current thread:

Shiva fingerprint Sten Kalenda (Dec 16)