Differences

This shows you the differences between two versions of the page.

--- nmap:intense_scan_plus_udp [2016/07/08 00:49] – created peter
+++ nmap:intense_scan_plus_udp [2019/12/01 10:59] (current) – removed peter
@@ Line 1: / Line 1: @@
-====== nmap - Intense scan plus UDP ======
-Does OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute) in addition to scanning TCP and UDP ports.
-<code bash>
-sudo nmap -sS -sU -T4 -A -v 192.168.1.69
-</code>
-Result:
-<code>
-Starting Nmap 6.40 ( http://nmap.org ) at 2016-07-08 01:46 BST
-NSE: Loaded 110 scripts for scanning.
-NSE: Script Pre-scanning.
-Initiating Parallel DNS resolution of 1 host. at 01:46
-Completed Parallel DNS resolution of 1 host. at 01:46, 0.00s elapsed
-Initiating SYN Stealth Scan at 01:46
-Scanning peter-laptop-1 (192.168.1.69) [1000 ports]
-Discovered open port 139/tcp on 192.168.1.69
-Discovered open port 80/tcp on 192.168.1.69
-Discovered open port 445/tcp on 192.168.1.69
-Completed SYN Stealth Scan at 01:46, 1.99s elapsed (1000 total ports)
-Initiating UDP Scan at 01:46
-Scanning peter-laptop-1 (192.168.1.69) [1000 ports]
-Discovered open port 137/udp on 192.168.1.69
-Completed UDP Scan at 01:46, 2.48s elapsed (1000 total ports)
-Initiating Service scan at 01:46
-Scanning 8 services on peter-laptop-1 (192.168.1.69)
-Service scan Timing: About 62.50% done; ETC: 01:48 (0:00:49 remaining)
-Completed Service scan at 01:47, 82.55s elapsed (8 services on 1 host)
-Initiating OS detection (try #1) against peter-laptop-1 (192.168.1.69)
-Retrying OS detection (try #2) against peter-laptop-1 (192.168.1.69)
-Retrying OS detection (try #3) against peter-laptop-1 (192.168.1.69)
-Retrying OS detection (try #4) against peter-laptop-1 (192.168.1.69)
-adjust_timeouts2: packet supposedly had rtt of -225849 microseconds.  Ignoring time.
-adjust_timeouts2: packet supposedly had rtt of -225849 microseconds.  Ignoring time.
-Retrying OS detection (try #5) against peter-laptop-1 (192.168.1.69)
-NSE: Script scanning 192.168.1.69.
-Initiating NSE at 01:47
-Completed NSE at 01:48, 30.01s elapsed
-Nmap scan report for peter-laptop-1 (192.168.1.69)
-Host is up (0.000033s latency).
-Not shown: 1992 closed ports
-PORT     STATE         SERVICE     VERSION
-/tcp   open          http        nginx 1.4.6 (Ubuntu)
-|_http-methods: No Allow or Public header in OPTIONS response (status code 405)
-|_http-title: Site doesn't have a title (text/html).
-/tcp  open          netbios-ssn Samba smbd 3.X (workgroup: PETER-LAPTOP-1)
-/tcp  open          netbios-ssn Samba smbd 3.X (workgroup: PETER-LAPTOP-1)
-/udp   open|filtered dhcpc
-/udp  open          netbios-ns  Microsoft Windows XP netbios-ssn
-/udp  open|filtered netbios-dgm
-/udp  open|filtered ipp
-/udp open|filtered zeroconf
-No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
-TCP/IP fingerprint:
-OS:SCAN(V=6.40%E=4%D=7/8%OT=80%CT=1%CU=2%PV=Y%DS=0%DC=L%G=Y%TM=577EF84F%P=x
-OS:86_64-pc-linux-gnu)SEQ(SP=103%GCD=1%ISR=104%TI=Z%CI=I%TS=8)SEQ(SP=103%GC
-OS:D=2%ISR=104%TI=Z%TS=8)OPS(O1=MFFD7ST11NW7%O2=MFFD7ST11NW7%O3=MFFD7NNT11N
-OS:W7%O4=MFFD7ST11NW7%O5=MFFD7ST11NW7%O6=MFFD7ST11)WIN(W1=AAAA%W2=AAAA%W3=A
-OS:AAA%W4=AAAA%W5=AAAA%W6=AAAA)ECN(R=Y%DF=Y%T=40%W=AAAA%O=MFFD7NNSNW7%CC=Y%
-OS:Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40
-OS:%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q
-OS:=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A
-OS:=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%R
-OS:UCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)
-Uptime guess: 0.238 days (since Thu Jul  7 20:05:36 2016)
-Network Distance: 0 hops
-TCP Sequence Prediction: Difficulty=259 (Good luck!)
-IP ID Sequence Generation: All zeros
-Service Info: OSs: Linux, Windows; CPE: cpe:/o:linux:linux_kernel, cpe:/o:microsoft:windows
-Host script results:
-| nbstat:
-|   NetBIOS name: PETER-LAPTOP-1, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>
-|   Names
-|     PETER-LAPTOP-1<00>   Flags: <unique><active>
-|     PETER-LAPTOP-1<03>   Flags: <unique><active>
-|     PETER-LAPTOP-1<20>   Flags: <unique><active>
-|     \x01\x02__MSBROWSE__\x02<01>  Flags: <group><active>
-|     WORKGROUP<00>        Flags: <group><active>
-|     WORKGROUP<1d>        Flags: <unique><active>
-|_    WORKGROUP<1e>        Flags: <group><active>
-| smb-os-discovery:
-|   OS: Windows 6.1 (Samba 4.3.9-Ubuntu)
-|   Computer name: peter-laptop-1
-|   NetBIOS computer name: PETER-LAPTOP-1
-|   Domain name:
-|   FQDN: peter-laptop-1
-|_  System time: 2016-07-08T01:47:45+01:00
-| smb-security-mode:
-|   Account that was used for smb scripts: guest
-|   User-level authentication
-|   SMB Security: Challenge/response passwords supported
-|_  Message signing disabled (dangerous, but default)
-|_smbv2-enabled: Server supports SMBv2 protocol
-NSE: Script Post-scanning.
-Read data files from: /usr/bin/../share/nmap
-OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
-Nmap done: 1 IP address (1 host up) scanned in 134.27 seconds
-           Raw packets sent: 2364 (98.947KB) | Rcvd: 4762 (220.298KB)
-</code>