PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-17 13:09:02 +00:00
Code Issues Projects Releases Wiki Activity

just moved an entry

Browse Source
This commit is contained in:
fyodor
2007-01-16 11:01:55 +00:00
parent 4e4924b408
commit 662cc464d0
2 changed files with 26 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
docs/nmap.1
View File

@@ -2,7 +2,7 @@
.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). .\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
.\" Instead of manually editing it, you probably should edit the DocBook XML .\" Instead of manually editing it, you probably should edit the DocBook XML
.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. .\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
.TH "NMAP" "1" "12/12/2006" "" "Nmap Reference Guide" .TH "NMAP" "1" "01/16/2007" "" "Nmap Reference Guide"
.\" disable hyphenation .\" disable hyphenation
.nh .nh
.\" disable justification (adjust text to left margin only) .\" disable justification (adjust text to left margin only)
@@ -91,7 +91,7 @@ This options summary is printed when Nmap is run with no arguments, and the late
\fI\%http://insecure.org/nmap/data/nmap.usage.txt\fR. It helps people remember the most common options, but is no substitute for the in\-depth documentation in the rest of this manual. Some obscure options aren't even included here. \fI\%http://insecure.org/nmap/data/nmap.usage.txt\fR. It helps people remember the most common options, but is no substitute for the in\-depth documentation in the rest of this manual. Some obscure options aren't even included here.
.PP .PP
.nf .nf
Nmap 4.20 ( http://insecure.org ) Nmap 4.21ALPHA1 ( http://insecure.org )
Usage: nmap [Scan Type(s)] [Options] {target specification} Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION: TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc. Can pass hostnames, IP addresses, networks, etc.
@@ -128,6 +128,11 @@ SERVICE/VERSION DETECTION:
\-\-version\-light: Limit to most likely probes (intensity 2) \-\-version\-light: Limit to most likely probes (intensity 2)
\-\-version\-all: Try every single probe (intensity 9) \-\-version\-all: Try every single probe (intensity 9)
\-\-version\-trace: Show detailed version scan activity (for debugging) \-\-version\-trace: Show detailed version scan activity (for debugging)
SCRIPT SCAN:
\-sC: equivalent to \-\-script=safe,intrusive
\-\-script=<lua scripts>: <lua scripts> is a comma separated list of dirs or scripts
\-\-script\-trace: Show all data sent and received
\-\-script\-updatedb: Update the script database. Only performed if \-sC or \-\-script was also given.
OS DETECTION: OS DETECTION:
\-O: Enable OS detection (try 2nd generation w/fallback to 1st) \-O: Enable OS detection (try 2nd generation w/fallback to 1st)
\-O2: Only use the new OS detection system (no fallback) \-O2: Only use the new OS detection system (no fallback)
@@ -1339,12 +1344,13 @@ option discussed previously.
\fB\-\-privileged\fR (Assume that the user is fully privileged) \fB\-\-privileged\fR (Assume that the user is fully privileged)
Tells Nmap to simply assume that it is privileged enough to perform raw socket sends, packet sniffing, and similar operations that usually require root privileges on UNIX systems. By default Nmap quits if such operations are requested but geteuid() is not zero. Tells Nmap to simply assume that it is privileged enough to perform raw socket sends, packet sniffing, and similar operations that usually require root privileges on UNIX systems. By default Nmap quits if such operations are requested but geteuid() is not zero.
\fB\-\-privileged\fR \fB\-\-privileged\fR
is useful with Linux kernel capabilities and similar systems that may be configured to allow unprivileged users to perform raw\-packet scans. Be sure to provide this option flag before any flags for options that require privileges (SYN scan, OS detection, etc.). The NMAP_PRIVILEGED variable may be set as an equivalent alternative to is useful with Linux kernel capabilities and similar systems that may be configured to allow unprivileged users to perform raw\-packet scans. Be sure to provide this option flag before any flags for options that require privileges (SYN scan, OS detection, etc.). The NMAP_PRIVILEGED environmental variable may be set as an equivalent alternative to
\fB\-\-privileged\fR. \fB\-\-privileged\fR.
.TP .TP
\fB\-\-unprivileged\fR (Assume that the user lacks raw socket privileges) \fB\-\-unprivileged\fR (Assume that the user lacks raw socket privileges)
This option is the opposite of This option is the opposite of
\fB\-\-privileged\fR. It tells Nmap to treat the user as lacking network raw socket and sniffing privileges. This is useful for testing, debugging, or when the raw network functionality of your operating system is somehow broken. \fB\-\-privileged\fR. It tells Nmap to treat the user as lacking network raw socket and sniffing privileges. This is useful for testing, debugging, or when the raw network functionality of your operating system is somehow broken. The NMAP_UNPRIVILEGED environmental variable may be set as an equivalent alternative to
\fB\-\-unprivileged\fR.
.TP .TP
\fB\-\-release\-memory\fR (Release memory before quitting) \fB\-\-release\-memory\fR (Release memory before quitting)
This option is only useful for memory\-leak debugging. It causes Nmap to release allocated memory just before it quits so that actual memory leaks are easier to spot. Normally Nmap skips this as the OS does this anyway upon process termination. This option is only useful for memory\-leak debugging. It causes Nmap to release allocated memory just before it quits so that actual memory leaks are easier to spot. Normally Nmap skips this as the OS does this anyway upon process termination.

32
nmap-os-db
View File

@@ -494,6 +494,22 @@ T7(R=Y%DF=N%T=40%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
U1(DF=N%T=40%TG=40%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G) U1(DF=N%T=40%TG=40%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G)
IE(DFI=N%T=40%TG=40%TOSI=Z%CD=Z%SI=S%DLI=S) IE(DFI=N%T=40%TG=40%TOSI=Z%CD=Z%SI=S%DLI=S)
Fingerprint Captor Omni-Clock (employee timeclock)
Class Captor | embedded || specialized
SEQ(R=N)
OPS(R=N)
WIN(R=N)
ECN(R=N)
T1(R=N)
T2(R=N)
T3(R=N)
T4(R=N)
T5(R=Y%DF=N%T=40%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
T6(R=Y%DF=N%T=40%TG=40%W=0%S=A%A=S%F=AR%O=%RD=0%Q=)
T7(R=Y%DF=N%T=40%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
U1(DF=N%T=40%TG=40%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G)
IE(DFI=N%T=40%TG=40%TOSI=S%CD=S%SI=S%DLI=S)
# Check Point VPN-1(TM) & FireWall-1(R) NGX (R60) HFA_03, Hotfix 603 - Build 015 & IPSO fw-001 4.1-BUILD016 releng 1515 05.19.2006-052320 i386 # Check Point VPN-1(TM) & FireWall-1(R) NGX (R60) HFA_03, Hotfix 603 - Build 015 & IPSO fw-001 4.1-BUILD016 releng 1515 05.19.2006-052320 i386
# This is Check Point VPN-1(TM) & FireWall-1(R) NGX (R60) HFA_03, Hotfix 603 - Build 015 # This is Check Point VPN-1(TM) & FireWall-1(R) NGX (R60) HFA_03, Hotfix 603 - Build 015
# IPSO fw-001 4.1-BUILD016 releng 1515 05.19.2006-052320 i386 # IPSO fw-001 4.1-BUILD016 releng 1515 05.19.2006-052320 i386
@@ -4085,19 +4101,3 @@ T6(R=N)
T7(R=N) T7(R=N)
U1(DF=N%T=FE%TG=FE%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G) U1(DF=N%T=FE%TG=FE%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G)
IE(DFI=N%T=FE%TG=FE%TOSI=S%CD=S%SI=S%DLI=S) IE(DFI=N%T=FE%TG=FE%TOSI=S%CD=S%SI=S%DLI=S)
Fingerprint Captor Omni-Clock (employee timeclock)
Class Captor | embedded || specialized
SEQ(R=N)
OPS(R=N)
WIN(R=N)
ECN(R=N)
T1(R=N)
T2(R=N)
T3(R=N)
T4(R=N)
T5(R=Y%DF=N%T=40%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
T6(R=Y%DF=N%T=40%TG=40%W=0%S=A%A=S%F=AR%O=%RD=0%Q=)
T7(R=Y%DF=N%T=40%TG=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)
U1(DF=N%T=40%TG=40%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUL=G%RUD=G)
IE(DFI=N%T=40%TG=40%TOSI=S%CD=S%SI=S%DLI=S)