
Exact Os



#1 - Don't start a new thread for similar topics; you could have put this in the same one asking for help with nmap.

#2 - If your neighbor is not on the same "LAN" as you are, and it's physically, say, your next door neighbor's home network, chances are his home router might share the same IP subnet, but you are separated by your external Internet-facing IP addresses (LAN vs WAN), and unless you both share the same router or home network, you won't be able to scan his PC from yours. If this "neighbor" is someone in the same home as you, and you just mean the PC next to yours, that's a different story, but from the sounds of it, you are trying to scan someone's PC on a different network, which unless you have permission, or know what you are doing, stop now and start reading up on networking 101.

#3 - Start reading on subnets, NAT, and IP networking in general. Come back when you don't understand what you've read, but you have to put in some work on your own here. You won't learn by questions alone; you need to learn by doing and also by researching some of this on your own. There is a great deal to go into on the topic of networking in general, and it's not a one-post answer that can explain everything you really need to know. Google, YouTube, and SecurityTube as well as Wikipedia are great places to get you started. Also, there are these things called books. You can get them at these places called libraries and book stores. They still exist. Pick one up on CompTIA's Network+ course. That should keep you busy for a good while and explain more than you need to figure out the rest.


Hi digip!

Thanks for such nice advice... I'll try to catch up.

Btw, I'm on the same network and scanning my neighbour's computer just two feet away, and I have permission as well... When I give the command

nmap -O

my ip is

and it is returning

Running: Microsoft Windows 95/98/ME|NT/2k/XP

OS details: Microsoft windows Millennium Edition (Me), Windows 2000 Professional or advanced Server, or Windows XP

That's why I asked this question, even though I know my neighbour is using Windows XP... but I just wanted to know from the gurus in the field. For that I need tons of books????

For you it is just a one-line answer.

But anyway, I'll keep your advice. Thanks once again for your patience.



Edited by newbiewa

The -O returning "Running: Microsoft Windows 95/98/ME|NT/2k/XP" is because it recognizes specific ports it found open as being Windows related, and this falls into a guessing game depending on what it can retrieve back from the OS. You need to combine different scans together and possibly even NSE scripts to pinpoint the exact OS.

There are some other types of advanced nmap scans, some that use the NSE scripts as well as ones that will do more thorough scanning or even tricks like using UDP vs TCP scans, that can further pinpoint the OS, but only if the OS in question cooperates too. The firewall on your neighbor's machine and anti-virus could block ping replies or even have ports closed from responding, so trickier scans that try different types of pings and packet counting for, say, incremental packet responses can help deduce what the OS is based on timing, etc., which again relies on data nmap can get back from the machine. If the machine returns nothing, it's kind of hard to fingerprint it, and to be honest, the -O is not always the best way to identify a device when used alone.

Have a look at the NSE library, and try some of the different Windows scans and fuzzer scripts specific to Windows - http://nmap.org/nsedoc/lib/nmap.html

I was referencing the networking books because they also go into understanding subnet masks, network segmentation, the APIPA IP address, etc. It really is more than a one-post response; there is a lot to learn with regard to networking, so not a simple one-liner answer. Any number of things in the mix will change your results in a scan, from firewalls and routers to the OS itself, wifi vs wired, etc.

By the way, if you can reach these forums, why can't you reach the nmap site to update to the latest version of nmap? The newer versions are much faster in their scanning, for one, and two, have better methods of identification and support for newer NSE scripts, which will help you in what you are trying to do.

Edited by digip
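
An added example, not part of any post in this thread: a small Python parser for the two result lines quoted above, showing that this -O result is a set of candidates rather than one identified OS. The function name, the single-match sample, and the assumed layout of the "Running" line are assumptions of this example.

```python
import re

# Constructed sample: the two result lines quoted in the thread.
AMBIGUOUS = (
    "Running: Microsoft Windows 95/98/ME|NT/2k/XP\n"
    "OS details: Microsoft windows Millennium Edition (Me), "
    "Windows 2000 Professional or advanced Server, or Windows XP\n"
)
# Constructed sample of a single-match result, for contrast (not from the thread).
SINGLE = "Running: Microsoft Windows XP\nOS details: Microsoft Windows XP SP2\n"


def parse_os_report(text):
    """Collect the OS candidates nmap printed and say whether the match is exact."""
    report = {"guessing": False, "generations": [], "details": []}
    for raw in text.splitlines():
        line = raw.strip()
        running = re.match(r"Running( \(JUST GUESSING\))?\s*:\s*(.+)", line)
        if running:
            report["guessing"] = running.group(1) is not None
            # Assumption: the last word of each comma-separated class is the
            # generation field, with alternatives joined by "|" or "/".
            for os_class in running.group(2).split(","):
                os_class = re.sub(r"\s*\(\d+%\)$", "", os_class.strip())
                generation = os_class.rsplit(" ", 1)[-1]
                report["generations"] += re.split(r"[|/]", generation)
        elif line.startswith("OS details:"):
            body = line.split(":", 1)[1].strip()
            # Entries are separated by ", " and the last may be led by "or ".
            report["details"] = re.split(r",\s*(?:or\s+)?", body)
    # Exact only when nmap was not guessing and listed a single OS description.
    report["exact"] = not report["guessing"] and len(report["details"]) == 1
    return report


if __name__ == "__main__":
    for name, sample in (("thread output", AMBIGUOUS), ("single match", SINGLE)):
        result = parse_os_report(sample)
        print(name, "->", result["generations"], "exact:", result["exact"])
```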

Hi digip!

Grateful to you for such an informative answer... I bet one cannot find such detailed and precise answers in the books. But I'll act on your reading suggestion.

Big thanks



By the way, there is also an NMAP book too. You can probably find used copies on Amazon.com. I've been meaning to pick up a copy myself, since it goes pretty deep with nmap, but also packets and protocol stuff in general from what I understand. I wish they had a Kindle version - http://www.amazon.co...48924651&sr=8-1 <-- That's the official book, then there is also the nmap cookbook, which does have a Kindle edition - http://www.amazon.com/Nmap-Cookbook-Fat-free-Scanning-ebook/dp/B005ZK84NU/ref=sr_1_1_title_1_kin?s=books&ie=UTF8&qid=1348924747&sr=1-1&keywords=nmap+kindle

Edited by digip

I don't know if you've tried these options, but it would be worth a shot.


--osscan-guess; --fuzzy


Here's the official link, if you need to know more details about these switches.


I'd also recommend buying those books Digip suggested; they are very good and will tell you a little bit more about Nmap.

Edited by Infiltrator
