Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 4: Using Nmap > Detecting Operating Systems

Detecting Operating Systems

A really nice feature of Nmap is the ability to remotely detect OS versions. This is particularly useful for network asset inventory and OS patch management. For example, you may use Nmap OS detection to identify outdated or unauthorized systems on your networks. Nmap performs OS detection by probing the target host and analyzing the responses. Probes include TCP and UDP packets that examine OS specifics such as initial sequence numbers (ISN), TCP options, IP identifier (ID) numbers, timestamps, explicit congestion notification (ECN), and window sizes. Each OS has distinctive responses to the probes, which identify the OS and result in an OS fingerprint. The probes and response matches are located in the nmap-os-db file. Nmap will attempt to identify the following parameters:


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint