Service & OS
Service Detection
Service detection in Nmap identifies the software and version running on open ports of a target machine. It sends specific probes to these services and analyzes the responses to accurately detect the service and version, which can help in discovering vulnerabilities or unusual configurations.
This command performs a full TCP SYN scan (-sS
), detects services and versions (-sV
), scans all ports (-p-
), and uses a faster timing template (-T4
) for quicker results.
Version Intensity
Nmap allows control over the intensity of version detection with the --version-intensity
option, which ranges from 0 (light scan) to 9 (most aggressive scan). Lower intensities perform fewer probes, while higher intensities use more to improve detection accuracy.
OS Detection
Nmap can detect the operating system (OS) running on a target machine by analyzing various network-level responses such as TCP/IP stack characteristics. This helps in understanding the system's configuration and potential vulnerabilities specific to the OS. -O
enables OS Detection.
--osscan-guess
The --osscan-guess
option is used when Nmap is uncertain about the exact OS. It provides an educated guess, offering the closest match, even if the confidence level isn't very high. This can be useful when dealing with obscure or less common systems.
This command performs a TCP SYN scan (-sS
), detects services and versions (-sV
), enables OS detection (-O
), allows guessing the OS if necessary (--osscan-guess
), scans all ports (-p-
), and uses a faster timing template (-T4
) for quicker results.
Last updated