Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Help with OS identification

From: David Fifield <david () bamsoftware com>
Date: Fri, 14 Nov 2008 17:02:25 -0700
Hi,

OS database growth happens in a lot of ways: new operating systems
prints are added, operating systems get additional prints, and new
operating systems are discovered for existing prints. When a new OS is
found for an existing print, usually it is just added to the OS
description. But occasionally this process gets out of hand, with dozens
of devices listed on a single print. For example we used to have

Fingerprint Broadband router (Actiontec GT701-WG or GT724-WG; BeWAN 770G ADSL2+;
 D-Link 500T; Linksys WAG54G v2, WAG354G, or RTP300; Netgear DG834G, or WELL PT 
I-850G), or Canon imageRUNNER C2620 printer

Using evidence from the submissions and some research, I was able to
determine that these devices run a particular embedded Linux
distribution, so the unwieldy description was changed into the shorter
and perhaps even more informative

Fingerprint MontaVista embedded Linux 2.4.17

Now we have a few other long descriptions, including the exceptional

Fingerprint Aastra 480i GT or 9133i IP phone, Allen-Bradley ControlLogix 1756-EW
EB web server module, Canon imageRUNNER 2570Ci printer, Compex WPE54G WAP, Harmo
nic MaxLink HLT 7806R optical network transmitter, Hitachi WMS 100 SAN controlle
r, Inter-tel 8662 VoIP phone, Netgear SC101 Storage Central NAS device, Sony Loc
ationFree media server, Scopus IVG-7100 media server, or Xerox Phaser 6120/N pri
nter

Clearly these is something linking all these devices together. I have a
hunch that they all run VxWorks. However I don't want to commit to that
until I have some evidence and perhaps a range of version numbers.
Wikipedia says that Xerox Phaser printers run VxWorks and some web
searches hint at the possibility for the other devices.

Does anyone have one of these devices who can investigate more deeply?
See if you can log into the device, or find a manufacturer's data sheet
specifying the OS.

The other overgrown descriptions that could perhaps be generalized too.
Try "egrep '^Fingerprint .{100,}' nmap-os-db". Some of the devices are
fairly common so I hope someone can help.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: