Tuesday, October 13, 2009

Remote operating system detection with nmap

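nmap can remotely detect an operating system from the fingerprint of its TCP/IP stack, but different versions of nmap can report different results for the same remote target.
Test environment: Ubuntu 9.04 / nmap 4.76 / nmap 5.0

Test procedure:
192.168.1.1 is a Netgear WGR614v7 wireless router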
woody@ubuntu:~$ sudo nmap -sS -v -O 192.168.1.1
Starting Nmap 4.76 ( http://nmap.org ) at 2009-10-13 06:37 PDT
Device type: storage-misc|remote management|general purpose
Running (JUST GUESSING) : BlueArc embedded (92%), IBM embedded (85%), HP embedded (85%), IBM AIX 5.X (85%)
Aggressive OS guesses: BlueArc Titan 2100 NAS device (92%), IBM BladeCenter management module (firmware BRET85L), IBM System Storage TS3100/TS3200 Express Model tape library, or HP StorageWorks MSL2024 tape library (85%), IBM AIX 5.1 (85%)
No exact OS matches for host (test conditions non-ideal).
TCP Sequence Prediction: Difficulty=257 (Good luck!)

woody@ubuntu:~$ sudo nmap -sS -v -O 192.168.1.1
Starting Nmap 5.00 ( http://nmap.org ) at 2009-10-13 07:06 PDT
Device type: general purpose|storage-misc
Running (JUST GUESSING) : Apple Mac OS X 10.5.X (93%), BlueArc embedded (86%)
Aggressive OS guesses: Apple Mac OS X 10.5.5 (Leopard) (93%), BlueArc Titan 2100 NAS device (86%)
No exact OS matches for host (test conditions non-ideal).

The two results overlap, but they are not identical.
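
The overlap between the two runs can be computed from the output itself. The Python below is an added example, not part of the original post: it parses the "Aggressive OS guesses" lines of the two 192.168.1.1 scans above and reports which guesses both versions share. The function names parse_guesses and compare are hypothetical.

```python
import re

# Sample input: the "Aggressive OS guesses" lines from the two scans of
# 192.168.1.1 shown above (nmap 4.76 and nmap 5.00).
NMAP_476 = ("Aggressive OS guesses: BlueArc Titan 2100 NAS device (92%), "
            "IBM BladeCenter management module (firmware BRET85L), IBM System "
            "Storage TS3100/TS3200 Express Model tape library, or HP "
            "StorageWorks MSL2024 tape library (85%), IBM AIX 5.1 (85%)")
NMAP_500 = ("Aggressive OS guesses: Apple Mac OS X 10.5.5 (Leopard) (93%), "
            "BlueArc Titan 2100 NAS device (86%)")

PREFIX = "Aggressive OS guesses:"

# A guess is "<name> (<NN>%)". Names can contain commas and parentheses
# themselves, so match lazily up to the percentage instead of splitting on ",".
GUESS_RE = re.compile(r"\s*(.+?) \((\d{1,3})%\)(?:,|$)")


def parse_guesses(line):
    """Return {os_name: confidence_percent} for one guesses line."""
    if not line.startswith(PREFIX):
        raise ValueError("not an 'Aggressive OS guesses' line")
    body = line[len(PREFIX):]
    return {m.group(1): int(m.group(2)) for m in GUESS_RE.finditer(body)}


def compare(old_line, new_line):
    """Compare the guesses of two nmap versions for the same host."""
    old, new = parse_guesses(old_line), parse_guesses(new_line)
    return {
        # guesses both versions made, with (old %, new %)
        "common": {n: (old[n], new[n]) for n in old if n in new},
        "only_old": sorted(set(old) - set(new)),
        "only_new": sorted(set(new) - set(old)),
        # do both versions rank the same guess first?
        "top_agrees": max(old, key=old.get) == max(new, key=new.get),
    }


if __name__ == "__main__":
    for key, value in compare(NMAP_476, NMAP_500).items():
        print(key, "->", value)
```
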


192.168.1.100 is a D-Link NAS device
woody@ubuntu:~$ sudo nmap -sS -v -O 192.168.1.100
Starting Nmap 4.76 ( http://nmap.org ) at 2009-10-13 06:40 PDT
Device type: storage-misc|remote management|general purpose
Running (JUST GUESSING) : BlueArc embedded (92%), IBM embedded (85%), HP embedded (85%), IBM AIX 5.X (85%)
Aggressive OS guesses: BlueArc Titan 2100 NAS device (92%), IBM BladeCenter management module (firmware BRET85L), IBM System Storage TS3100/TS3200 Express Model tape library, or HP StorageWorks MSL2024 tape library (85%), IBM AIX 5.1 (85%)
No exact OS matches for host (test conditions non-ideal).

woody@ubuntu:~$ sudo nmap -sS -v -O 192.168.1.100
Starting Nmap 5.00 ( http://nmap.org ) at 2009-10-13 07:07 PDT
Running: Apple Mac OS X 10.5.X
OS details: Apple Mac OS X 10.5.5 (Leopard)

It looks like nmap 5.0 likes the Mac as much as I do.

Finally, a scan of the local machine
woody@ubuntu:~$ sudo nmap -sS -v -O 127.0.0.1
Starting Nmap 4.76 ( http://nmap.org ) at 2009-10-13 06:40 PDT
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.17 - 2.6.25

woody@ubuntu:~$ sudo nmap -sS -v -O 127.0.0.1
Starting Nmap 5.00 ( http://nmap.org ) at 2009-10-13 07:08 PDT
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.17 - 2.6.28

Both results are reliable and roughly the same.

But none of them is authoritative.




