Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

Interesting scan results and a few comments
From: "Sina Bahram" <sbahram () nc rr com>
Date: Tue, 4 Jul 2006 22:37:26 -0400
Hi all,

Could I get some feedback on this scan?

I did hit space bar once or twice so that I could get some status, and
you'll notice you always get 0.00% for the DNS resolution, until it's
complete ... At which time it's complete. I suppose this makes sense because
I really can't imagine how to report status on dns resolution ... But I just
wanted to comment on it.

Also, Fyodor, I didn't see this in your fix log, but I do think the bug
where running nmap like this:

"nmap -v"

makes it think you are going to do an OS scan, has been fixed.

Here's the scan on a play linksys router I've got over here ... Some
questions follow:

***

nmap -sV -O 192.168.1.1
Starting Nmap 4.20ALPHA4 ( http://www.insecure.org/nmap ) at 2006-07-04
22:28 Eastern Daylight Time
Stats: 0:00:09 elapsed; 0 hosts completed (0 up), 0 undergoing ARP Ping Scan

Parallel DNS resolution Timing: About 0.00% done
Stats: 0:00:31 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth
Scan
SYN Stealth Scan Timing: About 89.18% done; ETC: 22:28 (0:00:02 remaining)
Insufficient responses for TCP sequencing (1), OS detection may be less
accurate
Insufficient responses for TCP sequencing (1), OS detection may be less
accurate
Insufficient responses for TCP sequencing (1), OS detection may be less
accurate
Insufficient responses for TCP sequencing (0), OS detection may be less
accurate
Interesting ports on 192.168.1.1:
Not shown: 1680 filtered ports
PORT    STATE  SERVICE    VERSION
80/tcp  open   tcpwrapped
113/tcp closed auth
MAC Address: 00:0F:66:33:C2:8E (Cisco-Linksys)
Device type: webcam
Running: D-Link embedded
OS details: D-Link dcs-5300w Wireless WebCam
Network Distance: 1 hops
Nmap finished: 1 IP address (1 host up) scanned in 46.062 seconds

***

Should lines as the following be printed on a non-verbose mode?

Insufficient responses for TCP sequencing (0), OS detection may be less
accurate

Did I miss what tcpwrapped means with relation to an http daemon running on
80?

What should I do about the D-Link mismatch ... Should I do an OS scan with
-vv turned on and then submit the fingerprint?

Thanks for any feedback

Take care,
Sina



_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev

  By Date           By Thread  

Current thread:
  • Interesting scan results and a few comments Sina Bahram (Jul 04)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]