Ubuntu: Nmap Logs Question



Question:

I recently did an Nmap scan of my network with the ZenMap GUI tool on my Ubuntu install and I got a weird scan result; well in my opinion anyways..

Even though I am using Ubuntu 15.04, for my host, I get the following results:

Device Type: AXIS Linux 2.6.X, Linux 2.6.X, ZyXEL embedded  OS CPE: cpe:/h:axis:210a_network_camera cpe:/  h:axis:211_network_camera cpe:/  o:axis:linux_kernel:2.6 cpe:/  o:linux:linux_kernel:2.6 cpe:/  o:google:android:2.2 cpe:/h:zyxel:nsa-210  OS details: AXIS 210A or 211 Network Camera (Linux 2.6.17),   Linux 2.6.14 - 2.6.34, Linux 2.6.17, Linux 2.6.17 (Mandriva), Android  2.2 (Linux 2.6), ZyXEL NSA-210 NAS device  Network Distance: 0 hops  

I also got a warning from the log that the results may be unreliable however, it's weird I got these results since the other hosts that were detected in the scan were correct.

My question now are these results normal or should I be alarmed since I do not have any of those indicated in my logs being used.


Solution:1

Nmap covers misidentified hosts in the online documentation, but here is the short version:

  1. Make sure you are using the latest Nmap.
  2. Get better scan conditions. Nmap will give unreliable results if you are more than 5 network hops away, if you are scanning with -T5, or if there were no open or no closed TCP ports discovered.
  3. Send a correction if Nmap still guesses wrong. This improves the database for everyone.


Solution:2

What command did you typed in to get this output ?

May the man nmap can help you to fix your command if you don't want to share it.

To get to know your ubuntu version use

lsb_release -a  

The output should be like

No LSB modules are available.  Distributor ID: Ubuntu  Description:    Ubuntu 15.04  Release:    15.04  Codename:   vivid  

To check your nmap version type

nmap -V  

Just to compare: When I type your command nmap -sV -T4 -O -d 10.10.10 I get (I skipped the scanning part)

Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-17 20:51 CEST  PORTS: Using top 1000 ports found open (TCP:1000, UDP:0, SCTP:0)  --------------- Timing report ---------------    hostgroups: min 1, max 100000    rtt-timeouts: init 500, min 100, max 1250    max-scan-delay: TCP 10, UDP 1000, SCTP 10    parallelism: min 0, max 0    max-retries: 6, host-timeout: 0    min-rate: 0, max-rate: 0  ---------------------------------------------  NSE: Using Lua 5.2.  NSE: Script Arguments seen from CLI:   NSE: Loaded 29 scripts for scanning.  Initiating Ping Scan at 20:51  Scanning 256 hosts [4 ports/host]  

Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »