** On May 20, Sven Burgener scribbled:
> >There are at least three easy ways to check what operating system runs on
> >the remote machine (let's assume it's got the HTTP port open):
> >
> >1. nmap -O -p 80 host.name.com
> > You don't want to scan them :), that's why the -p
>
> What's the -O option? For some reason, I can't find any info for it; I
> am missing nmap's man page(!)

Full info comes right your way :)):

       -O     This option activates remote host identification via
              TCP/IP fingerprinting. In other words, it uses a bunch
              of techniques to detect subtleties in the underlying
              operating system network stack of the computers you are
              scanning. It uses this information to create a
              'fingerprint' which it compares with its database of
              known OS fingerprints (the nmap-os-fingerprints file) to
              decide what type of system you are scanning.

              If you find a machine that is misdiagnosed and has at
              least one port open, it would be useful if you mail me
              the details (ie OS blah version foo was detected as OS
              blah version bar). If you find a machine with at least
              one port open for which nmap says 'unknown operating
              system', then it would be useful if you send me the IP
              address along with the OS name and version number. If
              you can't send the IP address, the next best thing is to
              run nmap with the -d option and send me the three
              fingerprints that should result along with the OS name
              and version number. By doing this you contribute to the
              pool of operating systems known to nmap and thus it will
              be more accurate for everyone.

straight from the nmap page :))

l8r,
marek :)
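The database comparison that the quoted -O text describes, as an added example that is not part of the original post and not nmap's own code: a simplified matcher over constructed entries written in the style of the classic nmap-os-fingerprints file. The entry names, the attribute values and the reading of `<N` / `>N` bounds as hex numbers are assumptions made for this sketch.

```python
import re
# Constructed entries in the style of nmap-os-fingerprints; not nmap's real data.
SAMPLE_DB = """\
Fingerprint ExampleOS 1.0 (constructed)
TSeq(Class=RI%gcd=<6)
T1(DF=Y%W=7F53|3F25%ACK=S++%Flags=AS)
T2(Resp=N)

Fingerprint OtherOS 2.x (constructed)
TSeq(Class=TD%gcd=<6)
T1(DF=N%W=2017%ACK=S++%Flags=AS)
"""
LINE = re.compile(r"^(\w+)\((.*)\)$")

def parse_tests(lines):
    """'T1(DF=Y%W=7F53)' -> {'T1': {'DF': 'Y', 'W': '7F53'}}"""
    tests = {}
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            pairs = [kv.split("=", 1) for kv in m.group(2).split("%") if "=" in kv]
            tests[m.group(1)] = dict(pairs)
    return tests

def parse_db(text):
    blocks = (b.splitlines() for b in text.strip().split("\n\n"))
    return {b[0][len("Fingerprint "):]: parse_tests(b[1:]) for b in blocks}

def value_ok(expr, seen):
    """expr: 'A|B' alternatives; '<N' / '>N' are bounds, read as hex here."""
    for alt in expr.split("|"):
        if alt[:1] in ("<", ">"):
            try:
                n, bound = int(seen, 16), int(alt[1:], 16)
            except ValueError:
                continue  # observed value is not numeric: this alternative fails
            if (n < bound) if alt[0] == "<" else (n > bound):
                return True
        elif alt == seen:
            return True
    return False

def matches(ref, obs):
    """Every attribute of every reference test must be satisfied."""
    return all(a in obs.get(t, {}) and value_ok(e, obs[t][a])
               for t, attrs in ref.items() for a, e in attrs.items())

def identify(db, observed_lines):
    obs = parse_tests(observed_lines)
    return [name for name, ref in db.items() if matches(ref, obs)]
```

An empty list from `identify` corresponds to the 'unknown operating system' case in the quoted text: the observed stack behaviour satisfied no entry in the database.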