1
When I run Nmap with OS detection it delivers the kernel version of the Linux host instead of the name of the Distribution. Nessus does Os detection based on banners (http://www.tenable.com/blog/enhanced-operating-system-identification-with-nessus). Does somebody know if there is something similar for Nmap, perhaps a NSE script?
Laoneo
Posted 2014-02-26T09:44:15.427
Reputation: 111
1
Nmap does OS detection based on TCP/IP fingerprinting. The banner approach is complementary: either one is really not a complete picture. Banners can be faked, or ports forwarded to other systems. TCP fingerprint can be inaccurate or too general (as in your case of Linux kernel version vs. distribution).
Several NSE scripts, as well as service version detection fingerprints, can indicate the remote OS. Often this will be displayed below the scan report for the host as "Service Info: OS: Linux" or something more specific. There is currently not an NSE script for correlating service versions to a particular distribution. The primary difficulty would be creating and keeping updated a database of banners and distributions, since there are so many distributions out there
bonsaiviking
Posted 2014-02-26T09:44:15.427
Reputation: 1 563