Nmap Development mailing list archives

OS detection with Nmap on ubuntu server 12.04

From: Yaroslav Yarmoshyk <y.yarmoshyk () ism-ukraine com>
Date: Tue, 24 Jul 2012 07:42:41 +0000

Hello!
I'm a hosting administrator at ecommerce development company. I needed to create a cript to scan subnets and determine 
Operation system and some other stuff.

I decided to use nmap scanner to obtain information about servers, and then cat information that I need. I was writing 
it on OS Ubuntu 10.04 Lucid, and everything worked great.

When I transferred it to production server (Ubuntu 12.04 Precise) I got troubles with getting information about OS 
based on fingerprints. I get some wired fingerprints output. Server has no firewall restrictions.

Are there any fixes for it? Maybe I need some extra packages to run it in proper way?

I get:
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=6.01%E=4%D=7/24%OT=21%CT=1%CU=37083%PV=Y%DS=5%DC=I%G=Y%TM=500E4C4
OS:F%P=x86_64-unknown-linux-gnu)SEQ(SP=107%GCD=1%ISR=10A%TI=Z%CI=Z%II=I%TS=
OS:8)OPS(O1=M574ST11NW7%O2=M574ST11NW7%O3=M574NNT11NW7%O4=M574ST11NW7%O5=M5
OS:74ST11NW7%O6=M574ST11)WIN(W1=3890%W2=3890%W3=3890%W4=3890%W5=3890%W6=389
OS:0)ECN(R=Y%DF=Y%T=41%W=3908%O=M574NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=41%S=O%A=S
OS:+%F=AS%RD=0%Q=)T2(R=N)T3(R=Y%DF=Y%T=41%W=3890%S=O%A=S+%F=AS%O=M574ST11NW
OS:7%RD=0%Q=)T4(R=Y%DF=Y%T=41%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=41%W
OS:=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=41%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)
OS:T7(R=Y%DF=Y%T=41%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=41%IPL=164%U
OS:N=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%T=41%CD=S)

But running nmap for the same server on Lucid server I get pure information about OS:

Running (JUST GUESSING): Linux 2.6.X|3.X|2.4.X (90%), IPFire Linux 2.6.X (87%), IGEL Linux 2.6.X (85%)
OS CPE: cpe:/o:linux:kernel:2.6 cpe:/o:linux:kernel:3 cpe:/o:ipfire:linux:2.6 cpe:/o:linux:kernel:2.4 
cpe:/o:igel:linux:2.6
Aggressive OS guesses: Linux 2.6.32 - 2.6.38 (90%), Linux 3.0 (89%), IPFire firewall 2.11 (Linux 2.6) (87%), Linux 
2.6.38 (87%), DD-WRT v24-sp1 (Linux 2.4) (86%), Linux 2.6.39 (86%), IGEL UD3 thin client (Linux 2.6) (85%), Linux 
2.6.32 (85%), Linux 2.6.35 (85%), Linux 2.6.35 (Ubuntu) (85%)

Best regards,

Yaroslav Yarmoshyk
System Administrator, ISM eCompany
Mob.: 093-614-70-52
Skype: yaroslav.yarmoshyk

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

OS detection with Nmap on ubuntu server 12.04 Yaroslav Yarmoshyk (Jul 24)
- Re: OS detection with Nmap on ubuntu server 12.04 David Fifield (Jul 24)