Nmap Development mailing list archives
Nmap-5.61TEST4 for Windows - VMWare ESXi OS Fingerprinting Issue
From: Shane Kinney <shanek () isiisi com>
Date: Fri, 3 Feb 2012 09:28:22 -0700
Hi all, I have had some conflicting results between a network scan with nmap-5.61TEST4 on Linux Ubuntu versus Windows XP. I have the nmap-5.61TEST4 version installed on a Linux Ubuntu host, it seems to run exactly as I expect it with the output of the OS Fingerprinting showing that I have discovered my VMWare ESXi 4.1 host. See below: root@notebook:~/nmap.org/dist/nmap-5.61TEST4# ./nmap -P0 -O -n 192.168.1.7 Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-02-02 18:10 MST Nmap scan report for 192.168.1.7 Host is up (0.0050s latency). Not shown: 992 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 427/tcp open svrloc 443/tcp open https 902/tcp open iss-realsecure 5989/tcp open wbem-https 8000/tcp open http-alt 8100/tcp open xprint-server MAC Address: 78:2B:CB:2D:4B:5E (Dell) Device type: specialized Running: VMware ESX Server 4.X OS CPE: cpe:/o:vmware:esx_server:4 OS details: VMware ESXi Server 4.1 Network Distance: 1 hop OS detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 3.03 seconds ----------------8<------------------------------------8<------------------------------------------8<------------------------------------- As you can see below, this scan shows the results of scanning the VMWare ESXi 4.1 with nmap 5.61TEST4 for Windows. The concern here is that the OS Fingerprinting for VMWare ESXi from the Windows version isn't working quite correctly. See below: C:\Program Files\Nmap>nmap -P0 -O -n 192.168.1.7 Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-02-02 17:07 Central Standard Time Nmap scan report for 192.168.1.7 Host is up (0.0067s latency). Not shown: 993 filtered ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 427/tcp open svrloc 443/tcp open https 902/tcp open iss-realsecure 8000/tcp open http-alt 8100/tcp open xprint-server Warning: OSScan results may be unreliable because we could not find at least 1 o pen and 1 closed port Device type: switch|phone|VoIP adapter|storage-misc|general purpose|VoIP phone|W AP|printer Running (JUST GUESSING): Cisco IOS 10.X (93%), Cisco embedded (91%), Nokia Symbi an OS (90%), Apple embedded (88%), QEMU (88%), Linux 2.0.X (86%), Aastra embedde d (86%), Konica Minolta embedded (86%) OS CPE: cpe:/h:cisco:catalyst_3000 cpe:/o:cisco:ios:10.3 cpe:/h:cisco:catalyst_1 900 cpe:/o:nokia:symbian_os cpe:/h:cisco:ata_188_voip_gateway cpe:/o:qemu:qemu c pe:/o:linux:kernel:2.0.33 Aggressive OS guesses: Cisco 3000 switch (IOS 10.3) (93%), Cisco Catalyst 1900 s witch (91%), Nokia 3600i mobile phone (90%), Cisco ATA 188 VoIP gateway (89%), A pple Time Capsule NAS device (88%), QEMU user mode network gateway (88%), Linux 2.0.33 (86%), Aastra 6731i VoIP phone or Apple AirPort Express WAP (86%), Konica Minolta bizhub 250 printer (86%), GNU Hurd 0.3 (86%) No exact OS matches for host (test conditions non-ideal). OS detection performed. Please report any incorrect results at http://nmap.org/s ubmit/ . Nmap done: 1 IP address (1 host up) scanned in 29.99 seconds ----------------8<------------------------------------8<------------------------------------------8<------------------------------------- Thanks in advance for your help with this. If there is anything that I can do to help, please let me know. Regards, Shane Kinney e: shanek () isiisi com _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Nmap-5.61TEST4 for Windows - VMWare ESXi OS Fingerprinting Issue Shane Kinney (Feb 03)
- Re: Nmap-5.61TEST4 for Windows - VMWare ESXi OS Fingerprinting Issue David Fifield (Feb 03)