Re: Nmap-5.61TEST4 for Windows - VMWare ESXi OS Fingerprinting Issue

[David Fifield <david () bamsoftware com>]

On Fri, Feb 03, 2012 at 09:28:22AM -0700, Shane Kinney wrote:
> Hi all,
>
> I have had some conflicting results between a network scan with nmap-5.61TEST4
> on Linux Ubuntu versus Windows XP.  I have the
> nmap-5.61TEST4 version installed on a Linux Ubuntu host, it seems to run
> exactly as I expect it with the output of the OS Fingerprinting
> showing that I have discovered my VMWare ESXi 4.1 host.  See below:

I think this is the problem:

> Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port

In the first scan, ports are open or closed, and in the second, they are
open or filtered. There must be a firewall or something blocking certain
ports in the second scan.

OS scan isn't as reliable when you don't have a closed port, as you've
seen. But I expect it to give better results than this. Can you run both
scans again with the -d option (to force it to print out a fingerprint)
and send the fingeprints to me?

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/