One of the most exciting feature about the Nmap it’s is updated 2nd generation OS Fingerprinting Database. From the release note:
“Nmap revolutionized OS detection when the feature was first released in October 1998, and it served us well for more than 9 years as the database grew to 1,684 fingerprints. The new 2nd generation system incorporates everything we learned during those years and has proven itself more effective and accurate. The new database has 1,085 signatures, ranging from the 2Wire 11701HG wireless ADSL modem to the ZyXEL ZyWall 2 Plus firewall. In addition to more than 500 general purpose OS fingerprints, it contains 94 switches, 92 printers, 81 WAPs, 63 broadband routers, 31 firewalls, 19 VoIP phones, 16 webcams, 8 cell phones, and more. We currently only have fingerprints for 1 ATM machine and 2 game consoles. The new system is extensively documented.”
You can read a full documentation about OS fingerprinting here: http://insecure.org/nmap/osdetect/
For now let me give you an example of what this new OS detection can do over it’s previous version. The older version that I used was 4.21ALPHA4, which failed to detect my own computer OS, using this command: nmap -vv -O -P0 localhost
See where it says “No exact OS detection for host”
Using the same command the new Nmap 4.50 detects my OS correctly without any problem.
Correctly finds my OS as Linux 2.6.22 – 2.6.23
Very exciting stuff indeed!!Hacking Tools Linux Tools Security