Re: Regarding OS detection

[Daniel Miller <bonsaiviking () gmail com>]

Akash,

I just responded to your issue on Github regarding this [1]. The problem is
that something is interfering with network traffic between Nmap and the
target, resulting in one of the received checksums failing to validate.
This means that Nmap cannot get a 100% match, but enabling --osscan-guess
will show you partial matches.

-sU will not "bypass" any firewall, but will instead scan for open UDP
ports. OS detection uses closed UDP ports, not open, and it was able to
find one by probing randomly, so -sU will not benefit -O in this case.

Dan

On Sun, Jan 8, 2017 at 5:13 AM, Akash Das <akash210197 () gmail com> wrote:

> Respected all,
>
> I want to enquire about one thing that if the victim's system is protected
> by firewall and I try to bypass it with -sU option and then try to check
> it's os then can we be able to do that or not ?
>
> On Sun, Jan 8, 2017 at 3:51 PM, Akash Das <akash210197 () gmail com> wrote:
>
> > the OS fingerprint that I get was :-
> >
> > OS:SCAN(V=7.40%E=4%D=1/8%OT=22%CT=1%CU=35573%PV=Y%DS=2%DC=I%
> > G=Y%TM=5872070E
> > OS:%P=i686-pc-linux-gnu)SEQ(SP=106%GCD=1%ISR=10D%TI=Z%II=I%
> > TS=A)OPS(O1=M5B4
> > OS:ST11NW7%O2=M5B4ST11NW7%O3=M5B4NNT11NW7%O4=M5B4ST11NW7%O5=
> > M5B4ST11NW7%O6=
> > OS:M5B4ST11)WIN(W1=7120%W2=7120%W3=7120%W4=7120%W5=7120%W6=
> > 7120)ECN(R=Y%DF=
> > OS:Y%T=40%W=7210%O=M5B4NNSNW7%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A
> > =S+%F=AS%RD=0%Q
> > OS:=)T2(R=N)T3(R=N)T4(R=N)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR
> > %O=%RD=0%Q=)T6(
> > OS:R=N)T7(R=N)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIP
> > CK=G%RUCK=4C1E%
> > OS:RUD=G)IE(R=Y%DFI=N%T=40%CD=S)
> >
> >
> > On Sun, Jan 8, 2017 at 3:46 PM, Akash Das <akash210197 () gmail com> wrote:
> >
> > > Respected All,
> > >
> > > There has been an issue with the -O parameter while using nmap.
> > > while using this on a centos system it is not able to show the OS that
> > > is present on the system nor it's mac address.
> > > Moreover, when I am doing it on ubuntu system I am getting the os and
> > > mac but it is disbling that pc's network-manager and I think will give a
> > > problem while doing we have to use it for further usage.
> > >
> > > I am using nmap 7.40 and I have also submitted that fingerprint in
> > > nmap.org/submit.
> > >
> > > With regards,
> > > --
> > >
> > > *Akash Das*
> > >
> > > *Student Systems admin*
> > >
> > > *Indian Institute Of Information Technology*
> > > *Sricity*
> >
> >
> >
> > --
> >
> > *Akash Das*
> >
> > *Student Systems admin*
> >
> > *Indian Institute Of Information Technology*
> > *Sricity*
>
>
>
> --
>
> *Akash Das*
>
> *Student Systems admin*
>
> *Indian Institute Of Information Technology*
> *Sricity*
>
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/