Solved

Unable to determine version of windows running using NMAP TCP/ip fingerprint.

Posted on 2014-10-06
2
320 Views
Last Modified: 2014-10-10
Hi and thank you in advance,

I am having trouble identifying which version of windows an host is running.  I have been reading NMAP articles on TCP/IP fingerprinting and still have an issue determining the version of windows running.  Please help decipher the TCP/IP finger print.  I was looking at the following line, WIN(W1=1%W2=3F%W3=4%W4=4%W5=10%W6=200), and was thinking that the fingerprint points to Windows 2000.  

TCP/IP Fingerprint Below:
SCAN(V=6.47%E=4%D=10/6%OT=21%CT=1%CU=%PV=N%G=Y%TM=5432AF37%P=i686-pc-windows-windows)
SEQ(CI=I%II=I)
OPS(O1=%O2=%O3=%O4=%O5=%O6=)
WIN(W1=1%W2=3F%W3=4%W4=4%W5=10%W6=200)
ECN(R=Y%DF=N%TG=20%W=3%O=%CC=N%Q=)
T1(R=Y%DF=N%TG=20%S=Z%A=O%F=R%RD=0%Q=)
T2(R=Y%DF=N%TG=20%W=80%S=Z%A=O%F=R%O=%RD=0%Q=)
T3(R=OS:Y%DF=N%TG=20%W=100%S=Z%A=O%F=R%O=%RD=0%Q=)
T4(R=Y%DF=N%TG=20%W=400%S=A%A=OS:Z%F=R%O=%RD=0%Q=)
T5(R=Y%DF=N%TG=20%W=7A69%S=Z%A=O%F=R%O=%RD=0%Q=)
T6(R=Y%DF=N%TG=20%W=8000%S=A%A=Z%F=R%O=%RD=0%Q=)
T7(R=Y%DF=N%TG=20%W=FFFF%S=Z%A=O%F=R%O=%RD=0%Q=)
U1(R=N)
IE(R=Y%DFI=N%TG=20%CD=S)
0
Comment
Question by:cesemj
2 Comments
 
LVL 13

Accepted Solution

by:
Gabriel Clifton earned 500 total points
ID: 40364008
Try this site for further explanation: http://nmap.org/nmap-fingerprinting-old.html
0
 

Author Comment

by:cesemj
ID: 40364080
reviewing now. - thanks.
0

Featured Post

Are your end users making ugly email signatures?

Have you left it up to your end users to create their own email signatures? Are they forgetting to add the company logo or using garish font colors? Take control and ensure all users have the same email signature.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In 2017, ransomware will become so virulent and widespread that if you aren’t a victim yourself, you will know someone who is.
A customer recently asked me about anti-malware and the different deployment options available for his business. Daily news about cyberattacks, zero-day vulnerabilities, and companies that suffered a security breach made him wonder if the endpoint a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now