- Code: Select all
root@blackJesus:~# nmap -Ss -A 10.0.1.101
WARNING: If -S is being used to fake your source address, you may also have to use -e <interface> and -Pn . If you are using it to specify your real source address, you can ignore this warning.
Starting Nmap 6.49BETA4 ("link to nmap's site") at 2016-04-23 03:47 BST
Could not figure out what device to send the packet out on with the source address you gave me! If you are trying to sp00f your scan, this is normal, just give the -e eth0 or -e ppp0 or whatever. Otherwise you can still use -e, but I find it kind of fishy.
QUITTING!
The following MAY have solved the problem:
- Code: Select all
root@blackJesus:~# nmap -Pn -A 1.0.1.101
Starting Nmap 6.49BETA4 ("link to nmap's website") at 2016-04-23 04:01 BST
Nmap scan report for 1.0.1.101
Host is up (0.022s latency).
Not shown: 997 filtered ports
PORT STATE SERVICE VERSION
21/tcp open ftp?
|_ftp-bounce: no banner
554/tcp open rtsp?
7070/tcp open realserver?
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: broadband router|general purpose|WAP
Running (JUST GUESSING): Scientific Atlanta embedded (98%), NetBSD 5.X|6.X|4.X (94%), Linux 2.6.X|2.4.X (93%), Linksys Linux 2.4.X (91%), Apple NetBSD (88%)
OS CPE: cpe:/h:scientificatlanta:webstar_dpc2100r2 cpe:/o:netbsd:netbsd:5.0 cpe:/o:linux:linux_kernel:2.6.22 cpe:/o:linux:linux_kernel:2.4 cpe:/o:linksys:linux_kernel:2.4 cpe:/o:netbsd:netbsd:6 cpe:/o:netbsd:netbsd:4.99.49 cpe:/o:apple:netbsd
Aggressive OS guesses: Scientific Atlanta WebSTAR DPC2100R2 cable modem (98%), NetBSD 5.0 (94%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (93%), Linux 2.4.18 (92%), OpenWrt White Russian 0.9 (Linux 2.4.30) (91%), OpenWrt 0.9 - 7.09 (Linux 2.4.30 - 2.4.34) (91%), NetBSD 6.1.2 (89%), NetBSD 4.99.49 (x86) (89%), Apple AirPort Extreme WAP (version 7.7.3) (88%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop
TRACEROUTE (using port 21/tcp)
HOP RTT ADDRESS
1 24.69 ms 1.0.1.101
OS and Service detection performed. Please report any incorrect results at "link to nmap's site I cannot post again"
Nmap done: 1 IP address (1 host up) scanned in 197.78 seconds
So now I don't know how to read that result. I get that it can't determine if the port is open or closed. In fact it they are clearly all filtered because nmap could not find "at least one open and one closed port." My guess is the program is failing because of my router's wifi security. I'm trying to find open ports and I'm also trying to hack my home network.
I tried a while ago to hack my wifi and failed right? I want to be able to identify individual computers on the network. But if this won't work on the router, how will it work on something connected to the router? I am also having trouble reading my results. I found some web pages to explain the ports.
On youtube, there aren't a lot of tutorial that actually describe how port scanning works. Just ones that describe how to scan them, usually with nmap. I am concerned with learning the different scans and I found some web pages that do that but the authors weren't really good explainers. I'm also really tired and I'm having trouble focusing after a few hours and probably need some sleep.
I want to understand the different types of scans. I think I can learn the difference between tcp and udp ports. I think open ports are ports that input and output info, closed ports won't let info input into it or output out of it, and filtered means that nmap can't tell if its open or closed.
What I got I think was all filtered. Does that mean that my router has strong security and is hard to crack, and I need to make a different network? If I can't crack this one router, how can I crack the computers connected to the router, if that question makes any sense?
So, next I tried zenmap. This time I got more thorough results. They are:
- Code: Select all
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2016-04-23 07:40 BST
NSE: Loaded 122 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 07:40
Completed NSE at 07:40, 0.00s elapsed
Initiating NSE at 07:40
Completed NSE at 07:40, 0.00s elapsed
Initiating ARP Ping Scan at 07:40
Scanning 255 hosts [1 port/host]
adjust_timeouts2: packet supposedly had rtt of -74525 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -61817 microseconds. Ignoring time.
Completed ARP Ping Scan at 07:40, 5.64s elapsed (255 total hosts)
Initiating Parallel DNS resolution of 255 hosts. at 07:40
Completed Parallel DNS resolution of 255 hosts. at 07:40, 0.07s elapsed
Nmap scan report for 10.0.1.0 [host down]
Nmap scan report for 10.0.1.2 [host down]
Nmap scan report for 10.0.1.4 [host down]
Nmap scan report for 10.0.1.5 [host down]
Nmap scan report for 10.0.1.6 [host down]
Nmap scan report for 10.0.1.7 [host down]
Nmap scan report for 10.0.1.8 [host down]
Nmap scan report for 10.0.1.9 [host down]
Nmap scan report for 10.0.1.10 [host down]
Nmap scan report for 10.0.1.11 [host down]
Nmap scan report for 10.0.1.12 [host down]
Nmap scan report for 10.0.1.13 [host down]
Nmap scan report for 10.0.1.14 [host down]
Nmap scan report for 10.0.1.15 [host down]
Nmap scan report for 10.0.1.16 [host down]
Nmap scan report for 10.0.1.17 [host down]
Nmap scan report for 10.0.1.18 [host down]
Nmap scan report for 10.0.1.19 [host down]
Nmap scan report for 10.0.1.20 [host down]
Nmap scan report for 10.0.1.21 [host down]
Nmap scan report for 10.0.1.22 [host down]
Nmap scan report for 10.0.1.23 [host down]
Nmap scan report for 10.0.1.24 [host down]
Nmap scan report for 10.0.1.25 [host down]
Nmap scan report for 10.0.1.26 [host down]
Nmap scan report for 10.0.1.27 [host down]
Nmap scan report for 10.0.1.28 [host down]
Nmap scan report for 10.0.1.29 [host down]
Nmap scan report for 10.0.1.30 [host down]
Nmap scan report for 10.0.1.31 [host down]
Nmap scan report for 10.0.1.32 [host down]
Nmap scan report for 10.0.1.33 [host down]
Nmap scan report for 10.0.1.34 [host down]
Nmap scan report for 10.0.1.35 [host down]
Nmap scan report for 10.0.1.36 [host down]
Nmap scan report for 10.0.1.37 [host down]
Nmap scan report for 10.0.1.38 [host down]
Nmap scan report for 10.0.1.39 [host down]
Nmap scan report for 10.0.1.40 [host down]
Nmap scan report for 10.0.1.41 [host down]
Nmap scan report for 10.0.1.42 [host down]
Nmap scan report for 10.0.1.43 [host down]
Nmap scan report for 10.0.1.44 [host down]
Nmap scan report for 10.0.1.45 [host down]
Nmap scan report for 10.0.1.46 [host down]
Nmap scan report for 10.0.1.47 [host down]
Nmap scan report for 10.0.1.48 [host down]
Nmap scan report for 10.0.1.49 [host down]
Nmap scan report for 10.0.1.50 [host down]
Nmap scan report for 10.0.1.51 [host down]
Nmap scan report for 10.0.1.52 [host down]
Nmap scan report for 10.0.1.53 [host down]
Nmap scan report for 10.0.1.54 [host down]
Nmap scan report for 10.0.1.55 [host down]
Nmap scan report for 10.0.1.56 [host down]
Nmap scan report for 10.0.1.57 [host down]
Nmap scan report for 10.0.1.58 [host down]
Nmap scan report for 10.0.1.59 [host down]
Nmap scan report for 10.0.1.60 [host down]
Nmap scan report for 10.0.1.61 [host down]
Nmap scan report for 10.0.1.62 [host down]
Nmap scan report for 10.0.1.63 [host down]
Nmap scan report for 10.0.1.64 [host down]
Nmap scan report for 10.0.1.65 [host down]
Nmap scan report for 10.0.1.66 [host down]
Nmap scan report for 10.0.1.67 [host down]
Nmap scan report for 10.0.1.68 [host down]
Nmap scan report for 10.0.1.69 [host down]
Nmap scan report for 10.0.1.70 [host down]
Nmap scan report for 10.0.1.71 [host down]
Nmap scan report for 10.0.1.72 [host down]
Nmap scan report for 10.0.1.73 [host down]
Nmap scan report for 10.0.1.74 [host down]
Nmap scan report for 10.0.1.75 [host down]
Nmap scan report for 10.0.1.76 [host down]
Nmap scan report for 10.0.1.77 [host down]
Nmap scan report for 10.0.1.78 [host down]
Nmap scan report for 10.0.1.79 [host down]
Nmap scan report for 10.0.1.80 [host down]
Nmap scan report for 10.0.1.81 [host down]
Nmap scan report for 10.0.1.82 [host down]
Nmap scan report for 10.0.1.83 [host down]
Nmap scan report for 10.0.1.84 [host down]
Nmap scan report for 10.0.1.85 [host down]
Nmap scan report for 10.0.1.86 [host down]
Nmap scan report for 10.0.1.87 [host down]
Nmap scan report for 10.0.1.88 [host down]
Nmap scan report for 10.0.1.89 [host down]
Nmap scan report for 10.0.1.90 [host down]
Nmap scan report for 10.0.1.91 [host down]
Nmap scan report for 10.0.1.92 [host down]
Nmap scan report for 10.0.1.93 [host down]
Nmap scan report for 10.0.1.94 [host down]
Nmap scan report for 10.0.1.95 [host down]
Nmap scan report for 10.0.1.96 [host down]
Nmap scan report for 10.0.1.97 [host down]
Nmap scan report for 10.0.1.98 [host down]
Nmap scan report for 10.0.1.99 [host down]
Nmap scan report for 10.0.1.100 [host down]
Nmap scan report for 10.0.1.102 [host down]
Nmap scan report for 10.0.1.103 [host down]
Nmap scan report for 10.0.1.104 [host down]
Nmap scan report for 10.0.1.105 [host down]
Nmap scan report for 10.0.1.106 [host down]
Nmap scan report for 10.0.1.110 [host down]
Nmap scan report for 10.0.1.111 [host down]
Nmap scan report for 10.0.1.112 [host down]
Nmap scan report for 10.0.1.113 [host down]
Nmap scan report for 10.0.1.115 [host down]
Nmap scan report for 10.0.1.116 [host down]
Nmap scan report for 10.0.1.117 [host down]
Nmap scan report for 10.0.1.118 [host down]
Nmap scan report for 10.0.1.119 [host down]
Nmap scan report for 10.0.1.120 [host down]
Nmap scan report for 10.0.1.121 [host down]
Nmap scan report for 10.0.1.122 [host down]
Nmap scan report for 10.0.1.123 [host down]
Nmap scan report for 10.0.1.124 [host down]
Nmap scan report for 10.0.1.125 [host down]
Nmap scan report for 10.0.1.126 [host down]
Nmap scan report for 10.0.1.127 [host down]
Nmap scan report for 10.0.1.128 [host down]
Nmap scan report for 10.0.1.129 [host down]
Nmap scan report for 10.0.1.130 [host down]
Nmap scan report for 10.0.1.131 [host down]
Nmap scan report for 10.0.1.132 [host down]
Nmap scan report for 10.0.1.133 [host down]
Nmap scan report for 10.0.1.134 [host down]
Nmap scan report for 10.0.1.135 [host down]
Nmap scan report for 10.0.1.136 [host down]
Nmap scan report for 10.0.1.137 [host down]
Nmap scan report for 10.0.1.138 [host down]
Nmap scan report for 10.0.1.139 [host down]
Nmap scan report for 10.0.1.140 [host down]
Nmap scan report for 10.0.1.141 [host down]
Nmap scan report for 10.0.1.142 [host down]
Nmap scan report for 10.0.1.143 [host down]
Nmap scan report for 10.0.1.144 [host down]
Nmap scan report for 10.0.1.145 [host down]
Nmap scan report for 10.0.1.146 [host down]
Nmap scan report for 10.0.1.147 [host down]
Nmap scan report for 10.0.1.148 [host down]
Nmap scan report for 10.0.1.149 [host down]
Nmap scan report for 10.0.1.150 [host down]
Nmap scan report for 10.0.1.151 [host down]
Nmap scan report for 10.0.1.152 [host down]
Nmap scan report for 10.0.1.153 [host down]
Nmap scan report for 10.0.1.154 [host down]
Nmap scan report for 10.0.1.155 [host down]
Nmap scan report for 10.0.1.156 [host down]
Nmap scan report for 10.0.1.157 [host down]
Nmap scan report for 10.0.1.158 [host down]
Nmap scan report for 10.0.1.159 [host down]
Nmap scan report for 10.0.1.160 [host down]
Nmap scan report for 10.0.1.161 [host down]
Nmap scan report for 10.0.1.162 [host down]
Nmap scan report for 10.0.1.163 [host down]
Nmap scan report for 10.0.1.164 [host down]
Nmap scan report for 10.0.1.165 [host down]
Nmap scan report for 10.0.1.166 [host down]
Nmap scan report for 10.0.1.167 [host down]
Nmap scan report for 10.0.1.168 [host down]
Nmap scan report for 10.0.1.169 [host down]
Nmap scan report for 10.0.1.170 [host down]
Nmap scan report for 10.0.1.171 [host down]
Nmap scan report for 10.0.1.172 [host down]
Nmap scan report for 10.0.1.173 [host down]
Nmap scan report for 10.0.1.174 [host down]
Nmap scan report for 10.0.1.175 [host down]
Nmap scan report for 10.0.1.176 [host down]
Nmap scan report for 10.0.1.177 [host down]
Nmap scan report for 10.0.1.178 [host down]
Nmap scan report for 10.0.1.180 [host down]
Nmap scan report for 10.0.1.181 [host down]
Nmap scan report for 10.0.1.182 [host down]
Nmap scan report for 10.0.1.183 [host down]
Nmap scan report for 10.0.1.184 [host down]
Nmap scan report for 10.0.1.185 [host down]
Nmap scan report for 10.0.1.186 [host down]
Nmap scan report for 10.0.1.189 [host down]
Nmap scan report for 10.0.1.190 [host down]
Nmap scan report for 10.0.1.192 [host down]
Nmap scan report for 10.0.1.193 [host down]
Nmap scan report for 10.0.1.194 [host down]
Nmap scan report for 10.0.1.195 [host down]
Nmap scan report for 10.0.1.196 [host down]
Nmap scan report for 10.0.1.197 [host down]
Nmap scan report for 10.0.1.198 [host down]
Nmap scan report for 10.0.1.199 [host down]
Nmap scan report for 10.0.1.200 [host down]
Nmap scan report for 10.0.1.201 [host down]
Nmap scan report for 10.0.1.202 [host down]
Nmap scan report for 10.0.1.203 [host down]
Nmap scan report for 10.0.1.204 [host down]
Nmap scan report for 10.0.1.205 [host down]
Nmap scan report for 10.0.1.206 [host down]
Nmap scan report for 10.0.1.207 [host down]
Nmap scan report for 10.0.1.208 [host down]
Nmap scan report for 10.0.1.209 [host down]
Nmap scan report for 10.0.1.210 [host down]
Nmap scan report for 10.0.1.211 [host down]
Nmap scan report for 10.0.1.212 [host down]
Nmap scan report for 10.0.1.213 [host down]
Nmap scan report for 10.0.1.214 [host down]
Nmap scan report for 10.0.1.215 [host down]
Nmap scan report for 10.0.1.216 [host down]
Nmap scan report for 10.0.1.217 [host down]
Nmap scan report for 10.0.1.218 [host down]
Nmap scan report for 10.0.1.219 [host down]
Nmap scan report for 10.0.1.220 [host down]
Nmap scan report for 10.0.1.221 [host down]
Nmap scan report for 10.0.1.222 [host down]
Nmap scan report for 10.0.1.223 [host down]
Nmap scan report for 10.0.1.224 [host down]
Nmap scan report for 10.0.1.225 [host down]
Nmap scan report for 10.0.1.226 [host down]
Nmap scan report for 10.0.1.227 [host down]
Nmap scan report for 10.0.1.228 [host down]
Nmap scan report for 10.0.1.229 [host down]
Nmap scan report for 10.0.1.230 [host down]
Nmap scan report for 10.0.1.231 [host down]
Nmap scan report for 10.0.1.232 [host down]
Nmap scan report for 10.0.1.233 [host down]
Nmap scan report for 10.0.1.234 [host down]
Nmap scan report for 10.0.1.235 [host down]
Nmap scan report for 10.0.1.236 [host down]
Nmap scan report for 10.0.1.237 [host down]
Nmap scan report for 10.0.1.238 [host down]
Nmap scan report for 10.0.1.239 [host down]
Nmap scan report for 10.0.1.240 [host down]
Nmap scan report for 10.0.1.241 [host down]
Nmap scan report for 10.0.1.242 [host down]
Nmap scan report for 10.0.1.243 [host down]
Nmap scan report for 10.0.1.244 [host down]
Nmap scan report for 10.0.1.245 [host down]
Nmap scan report for 10.0.1.246 [host down]
Nmap scan report for 10.0.1.247 [host down]
Nmap scan report for 10.0.1.248 [host down]
Nmap scan report for 10.0.1.249 [host down]
Nmap scan report for 10.0.1.250 [host down]
Nmap scan report for 10.0.1.251 [host down]
Nmap scan report for 10.0.1.252 [host down]
Nmap scan report for 10.0.1.253 [host down]
Nmap scan report for 10.0.1.254 [host down]
Nmap scan report for 10.0.1.255 [host down]
Initiating Parallel DNS resolution of 1 host. at 07:40
Completed Parallel DNS resolution of 1 host. at 07:40, 0.01s elapsed
Initiating SYN Stealth Scan at 07:40
Scanning 10 hosts [1000 ports/host]
Discovered open port 554/tcp on 10.0.1.188
Discovered open port 53/tcp on 10.0.1.1
Discovered open port 443/tcp on 10.0.1.109
Discovered open port 443/tcp on 10.0.1.101
Discovered open port 21/tcp on 10.0.1.101
Discovered open port 80/tcp on 10.0.1.3
Discovered open port 21/tcp on 10.0.1.109
Discovered open port 80/tcp on 10.0.1.101
Discovered open port 80/tcp on 10.0.1.109
Discovered open port 23/tcp on 10.0.1.3
Discovered open port 23/tcp on 10.0.1.101
Discovered open port 23/tcp on 10.0.1.109
Discovered open port 445/tcp on 10.0.1.188
Discovered open port 139/tcp on 10.0.1.188
Discovered open port 135/tcp on 10.0.1.188
SYN Stealth Scan Timing: About 4.72% done; ETC: 07:51 (0:10:26 remaining)
Increasing send delay for 10.0.1.114 from 0 to 5 due to 12 out of 29 dropped probes since last increase.
Increasing send delay for 10.0.1.109 from 0 to 5 due to 61 out of 151 dropped probes since last increase.
Discovered open port 912/tcp on 10.0.1.191
SYN Stealth Scan Timing: About 9.47% done; ETC: 07:51 (0:09:43 remaining)
Increasing send delay for 10.0.1.114 from 5 to 10 due to 11 out of 26 dropped probes since last increase.
SYN Stealth Scan Timing: About 11.06% done; ETC: 07:54 (0:12:12 remaining)
SYN Stealth Scan Timing: About 13.76% done; ETC: 07:55 (0:12:57 remaining)
Increasing send delay for 10.0.1.101 from 0 to 5 due to max_successful_tryno increase to 5
Increasing send delay for 10.0.1.101 from 5 to 10 due to max_successful_tryno increase to 6
Warning: 10.0.1.101 giving up on port because retransmission cap hit (6).
Discovered open port 515/tcp on 10.0.1.109
Increasing send delay for 10.0.1.1 from 0 to 5 due to 110 out of 274 dropped probes since last increase.
Discovered open port 10000/tcp on 10.0.1.1
Discovered open port 515/tcp on 10.0.1.101
Increasing send delay for 10.0.1.1 from 5 to 10 due to max_successful_tryno increase to 5
Increasing send delay for 10.0.1.179 from 0 to 5 due to max_successful_tryno increase to 5
SYN Stealth Scan Timing: About 25.98% done; ETC: 07:56 (0:12:10 remaining)
Increasing send delay for 10.0.1.179 from 5 to 10 due to 11 out of 24 dropped probes since last increase.
Discovered open port 62078/tcp on 10.0.1.187
SYN Stealth Scan Timing: About 30.71% done; ETC: 07:55 (0:10:45 remaining)
Discovered open port 2869/tcp on 10.0.1.188
Increasing send delay for 10.0.1.3 from 0 to 5 due to max_successful_tryno increase to 5
SYN Stealth Scan Timing: About 40.32% done; ETC: 07:56 (0:09:52 remaining)
Increasing send delay for 10.0.1.3 from 5 to 10 due to 51 out of 127 dropped probes since last increase.
Discovered open port 5009/tcp on 10.0.1.1
SYN Stealth Scan Timing: About 47.22% done; ETC: 07:57 (0:08:58 remaining)
Discovered open port 631/tcp on 10.0.1.109
Discovered open port 631/tcp on 10.0.1.101
SYN Stealth Scan Timing: About 51.83% done; ETC: 07:57 (0:08:03 remaining)
SYN Stealth Scan Timing: About 57.39% done; ETC: 07:57 (0:07:13 remaining)
Warning: 10.0.1.179 giving up on port because retransmission cap hit (6).
Increasing send delay for 10.0.1.187 from 0 to 5 due to max_successful_tryno increase to 5
Warning: 10.0.1.1 giving up on port because retransmission cap hit (6).
Increasing send delay for 10.0.1.187 from 5 to 10 due to max_successful_tryno increase to 6
SYN Stealth Scan Timing: About 62.91% done; ETC: 07:57 (0:06:19 remaining)
SYN Stealth Scan Timing: About 69.02% done; ETC: 07:57 (0:05:25 remaining)
Discovered open port 1024/tcp on 10.0.1.3
SYN Stealth Scan Timing: About 74.09% done; ETC: 07:57 (0:04:27 remaining)
Discovered open port 49155/tcp on 10.0.1.188
Completed SYN Stealth Scan against 10.0.1.179 in 865.76s (9 hosts left)
Increasing send delay for 10.0.1.109 from 5 to 10 due to max_successful_tryno increase to 5
Discovered open port 902/tcp on 10.0.1.191
SYN Stealth Scan Timing: About 81.21% done; ETC: 07:59 (0:03:32 remaining)
Discovered open port 10243/tcp on 10.0.1.188
SYN Stealth Scan Timing: About 86.51% done; ETC: 07:59 (0:02:35 remaining)
Completed SYN Stealth Scan against 10.0.1.107 in 994.08s (8 hosts left)
Completed SYN Stealth Scan against 10.0.1.187 in 995.08s (7 hosts left)
Completed SYN Stealth Scan against 10.0.1.1 in 1004.69s (6 hosts left)
Completed SYN Stealth Scan against 10.0.1.3 in 1010.49s (5 hosts left)
Discovered open port 5357/tcp on 10.0.1.188
Discovered open port 9100/tcp on 10.0.1.109
Completed SYN Stealth Scan against 10.0.1.109 in 1020.76s (4 hosts left)
Discovered open port 9100/tcp on 10.0.1.101
Completed SYN Stealth Scan against 10.0.1.101 in 1029.76s (3 hosts left)
Completed SYN Stealth Scan against 10.0.1.188 in 1034.24s (2 hosts left)
SYN Stealth Scan Timing: About 91.96% done; ETC: 07:59 (0:01:31 remaining)
Completed SYN Stealth Scan against 10.0.1.191 in 1036.19s (1 host left)
Warning: 10.0.1.114 giving up on port because retransmission cap hit (6).
Discovered open port 62078/tcp on 10.0.1.114
SYN Stealth Scan Timing: About 95.55% done; ETC: 08:00 (0:00:53 remaining)
SYN Stealth Scan Timing: About 97.42% done; ETC: 08:00 (0:00:31 remaining)
Completed SYN Stealth Scan at 08:05, 1482.65s elapsed (10000 total ports)
Initiating Service scan at 08:05
Scanning 30 services on 10 hosts
Completed Service scan at 08:07, 140.49s elapsed (32 services on 10 hosts)
Initiating OS detection (try #1) against 10 hosts
Retrying OS detection (try #2) against 3 hosts
NSE: Script scanning 10 hosts.
Initiating NSE at 08:07
Completed NSE at 08:08, 70.24s elapsed
Initiating NSE at 08:08
Completed NSE at 08:08, 0.07s elapsed
Nmap scan report for 10.0.1.1
Host is up (0.022s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
1/tcp filtered tcpmux
53/tcp open domain?
5009/tcp open airport-admin Apple AirPort or Time Capsule admin
10000/tcp open snet-sensor-mgmt?
| ndmp-version:
|_ ERROR: Failed to get host information from server
MAC Address: 34:12:98:02:53:EB (Apple)
Device type: general purpose
Running: NetBSD 5.X
OS CPE: cpe:/o:netbsd:netbsd:5
OS details: NetBSD 5.0 - 5.99.5
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=217 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE
HOP RTT ADDRESS
1 21.70 ms 10.0.1.1
Nmap scan report for 10.0.1.3
Host is up (0.0045s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
23/tcp open telnet?
80/tcp open http
|_http-methods: No Allow or Public header in OPTIONS response (status code 400)
|_http-title: NETGEAR WN3000RP
1024/tcp open kdm?
8400/tcp filtered cvd
2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at https://nmap.org/cgi-bin/submit.cgi?new-service :
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port80-TCP:V=6.49BETA4%I=7%D=4/23%Time=571B1EA6%P=x86_64-pc-linux-gnu%r
SF:(GetRequest,C91,"HTTP/1\.0\x20200\x20OK\r\nContent-length:\x203110\r\nC
SF:ontent-type:\x20text/html\r\nCache-Control:no-cache\r\nPragma:no-cache\
SF:r\n\r\n<html><head>\r\n<META\x20name=\"description\"\x20content=\"WN300
SF:0RP\">\n<META\x20http-equiv=\"Content-Type\"\x20content=\"text/html;\x2
SF:0charset=utf-8\">\n<META\x20http-equiv=\"Content-Style-Type\"\x20conten
SF:t=\"text/css\">\n<META\x20http-equiv=\"Pragma\"\x20content=\"no-cache\"
SF:>\n<META\x20HTTP-equiv=\"Cache-Control\"\x20content=\"no-cache\">\n<MET
SF:A\x20HTTP-EQUIV=\"Expires\"\x20CONTENT=\"Mon,\x2006\x20Jan\x201990\x200
SF:0:00:01\x20GMT\">\n\r\n<title>NETGEAR\x20WN3000RP</title>\r\n<script\x2
SF:0type=\"text/javascript\"\x20src=\"changeUrl\.js\"></script>\r\n<script
SF:\x20language=\"javascript\"\x20type=\"text/javascript\">\r\nfunction\x2
SF:0loadnext\(\)\x20{\r\n\x20\x20\x20\x20var\x20showit=\(document\.layers\
SF:)\?\"show\":\"block\";\r\n\x20\x20\x20\x20var\x20hideit=\(document\.lay
SF:ers\)\?\"hide\":\"none\";\r\n\x20\x20\x20\x20var\x20el\x20=\x20\"alltex
SF:t\";\r\n\x20\x20\x20\x20var\x20device_id=\"WN3000RP\";\r\n\x20\x20\x20\
SF:x20var\x20lan_ip\x20=\x20\"10\.0\.1\.3\";\r\n\x20\x20\x20\x20var\x20wan
SF:_ip\x20=\x20\"10\.0\.1\.3\";\r\n\x20\x20\x20\x20var\x20url\x20=\x20\"\"
SF:;\r\n\x20\x20\x20\x20var\x20topPage\x20=\x20top;\r\n\x20\x20\x20\x20\r\
SF:n\x20\x20\x20")%r(HTTPOptions,12E,"HTTP/1\.0\x20400\x20Bad\x20Request\r
SF:\nContent-type:\x20text/html\r\n\r\n<html>\r\n<head>\r\n<meta\x20http-e
SF:quiv='Content-Type'\x20content='text/html;\x20charset=utf-8'>\r\n<title
SF:>400\x20Bad\x20Request</title></head>\r\n<body><h1>400\x20Bad\x20Reques
SF:t</h1>\r\n<p>This\x20server\x20does\x20not\x20support\x20the\x20operati
SF:on\x20requested\x20by\x20your\x20client\.</p></body>\r\n</html>\r\n")%r
SF:(RTSPRequest,12E,"HTTP/1\.0\x20400\x20Bad\x20Request\r\nContent-type:\x
SF:20text/html\r\n\r\n<html>\r\n<head>\r\n<meta\x20http-equiv='Content-Typ
SF:e'\x20content='text/html;\x20charset=utf-8'>\r\n<title>400\x20Bad\x20Re
SF:quest</title></head>\r\n<body><h1>400\x20Bad\x20Request</h1>\r\n<p>This
SF:\x20server\x20does\x20not\x20support\x20the\x20operation\x20requested\x
SF:20by\x20your\x20client\.</p></body>\r\n</html>\r\n");
==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port1024-TCP:V=6.49BETA4%I=7%D=4/23%Time=571B1EA6%P=x86_64-pc-linux-gnu
SF:%r(GenericLines,1E5,"HTTP/1\.0\x20401\x20Unauthorized\r\nWWW-Authentica
SF:te:\x20Basic\x20realm=\"NETGEAR\x20WN3000RP\"\r\nContent-type:\x20text/
SF:html\r\n\r\n<html>\r\n<head>\r\n<meta\x20http-equiv='Content-Type'\x20c
SF:ontent='text/html;\x20charset=utf-8'>\r\n<title>401\x20Unauthorized</ti
SF:tle></head>\r\n<body\x20onload=\"document\.aForm\.submit\(\)\"><h1>401\
SF:x20Unauthorized</h1>\r\n<p>Access\x20to\x20this\x20resource\x20is\x20de
SF:nied,\x20your\x20client\x20has\x20not\x20supplied\x20the\x20correct\x20
SF:authentication\.</p><form\x20method=\"post\"\x20action=\"unauth\.cgi\?i
SF:d=1046175824\"\x20name=\"aForm\"></form></body>\r\n</html>\r\n")%r(GetR
SF:equest,C91,"HTTP/1\.0\x20200\x20OK\r\nContent-length:\x203110\r\nConten
SF:t-type:\x20text/html\r\nCache-Control:no-cache\r\nPragma:no-cache\r\n\r
SF:\n<html><head>\r\n<META\x20name=\"description\"\x20content=\"WN3000RP\"
SF:>\n<META\x20http-equiv=\"Content-Type\"\x20content=\"text/html;\x20char
SF:set=utf-8\">\n<META\x20http-equiv=\"Content-Style-Type\"\x20content=\"t
SF:ext/css\">\n<META\x20http-equiv=\"Pragma\"\x20content=\"no-cache\">\n<M
SF:ETA\x20HTTP-equiv=\"Cache-Control\"\x20content=\"no-cache\">\n<META\x20
SF:HTTP-EQUIV=\"Expires\"\x20CONTENT=\"Mon,\x2006\x20Jan\x201990\x2000:00:
SF:01\x20GMT\">\n\r\n<title>NETGEAR\x20WN3000RP</title>\r\n<script\x20type
SF:=\"text/javascript\"\x20src=\"changeUrl\.js\"></script>\r\n<script\x20l
SF:anguage=\"javascript\"\x20type=\"text/javascript\">\r\nfunction\x20load
SF:next\(\)\x20{\r\n\x20\x20\x20\x20var\x20showit=\(document\.layers\)\?\"
SF:show\":\"block\";\r\n\x20\x20\x20\x20var\x20hideit=\(document\.layers\)
SF:\?\"hide\":\"none\";\r\n\x20\x20\x20\x20var\x20el\x20=\x20\"alltext\";\
SF:r\n\x20\x20\x20\x20var\x20device_id=\"WN3000RP\";\r\n\x20\x20\x20\x20va
SF:r\x20lan_ip\x20=\x20\"10\.0\.1\.3\";\r\n\x20\x20\x20\x20var\x20wan_ip\x
SF:20=\x20\"10\.0\.1\.3\";\r\n\x20\x20\x20\x20var\x20url\x20=\x20\"\";\r\n
SF:\x20\x20\x20\x20var\x20topPage\x20=\x20top;\r\n\x20\x20\x20\x20\r\n\x20
SF:\x20\x20")%r(HTTPOptions,12E,"HTTP/1\.0\x20400\x20Bad\x20Request\r\nCon
SF:tent-type:\x20text/html\r\n\r\n<html>\r\n<head>\r\n<meta\x20http-equiv=
SF:'Content-Type'\x20content='text/html;\x20charset=utf-8'>\r\n<title>400\
SF:x20Bad\x20Request</title></head>\r\n<body><h1>400\x20Bad\x20Request</h1
SF:>\r\n<p>This\x20server\x20does\x20not\x20support\x20the\x20operation\x2
SF:0requested\x20by\x20your\x20client\.</p></body>\r\n</html>\r\n");
MAC Address: 28:C6:8E:84:A1:FC (Netgear,)
Device type: general purpose
Running: Linux 2.4.X
OS CPE: cpe:/o:linux:linux_kernel:2.4
OS details: Linux 2.4.18 - 2.4.35 (likely embedded)
Uptime guess: 11.400 days (since Mon Apr 11 22:32:38 2016)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=201 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE
HOP RTT ADDRESS
1 4.51 ms 10.0.1.3
Nmap scan report for 10.0.1.101
Host is up (0.0094s latency).
Not shown: 966 closed ports, 27 filtered ports
PORT STATE SERVICE VERSION
21/tcp open ftp Brother/HP printer ftpd 1.13
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
23/tcp open telnet Brother/HP printer telnetd
80/tcp open http Debut embedded httpd 1.20 (Brother/HP printer http admin)
|_http-methods: No Allow or Public header in OPTIONS response (status code 411)
| http-robots.txt: 1 disallowed entry
|_/
|_http-server-header: debut/1.20
| http-title: Brother HL-L2380DW series
|_Requested resource was /general/status.html
443/tcp open ssl/http Debut embedded httpd 1.20 (Brother/HP printer http admin)
| http-cisco-anyconnect:
|_ ERROR: Not a Cisco ASA or unsupported version
| http-robots.txt: 1 disallowed entry
|_/
| http-title: Brother HL-L2380DW series
|_Requested resource was /general/status.html
| ssl-cert: Subject: commonName=Preset Certificate
| Issuer: commonName=Preset Certificate
| Public Key type: rsa
| Public Key bits: 1024
| Signature Algorithm: sha1WithRSAEncryption
| Not valid before: 2014-02-06T06:38:58
| Not valid after: 2014-03-08T06:38:58
| MD5: 3d24 c5e0 376d f84f 08f1 447d cfdb d395
|_SHA-1: 48e9 a0a7 653f 2700 b0be cc42 5a8e fec6 4793 a9fa
515/tcp open printer
631/tcp open http Debut embedded httpd 1.20 (Brother/HP printer http admin)
| http-methods: GET HEAD POST TRACE
| Potentially risky methods: TRACE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
| http-robots.txt: 1 disallowed entry
|_/
|_http-server-header: debut/1.20
| http-title: Brother HL-L2380DW series
|_Requested resource was /general/status.html
9100/tcp open jetdirect?
MAC Address: C0:38:96:66:50:C7 (Hon Hai Precision Ind. Co.)
Device type: printer|general purpose
Running: HP embedded, Wind River VxWorks
OS CPE: cpe:/h:hp:laserjet_cm1415fnw cpe:/h:hp:laserjet_cp1525nw cpe:/h:hp:laserjet_1536dnf cpe:/h:brother:dcp_j4110dw cpe:/h:brother:hl_3170cdw cpe:/o:windriver:vxworks
OS details: HP LaserJet CM1415fnw, CP1525nw, M475dn, or 1536dnf or Brother DCP-J4110DW or HL-3170CDW printer, VxWorks
Uptime guess: 11.403 days (since Mon Apr 11 22:29:10 2016)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=263 (Good luck!)
IP ID Sequence Generation: Busy server or unknown class
Service Info: Device: printer
TRACEROUTE
HOP RTT ADDRESS
1 9.38 ms 10.0.1.101
Nmap scan report for 10.0.1.107
Host is up (0.20s latency).
All 1000 scanned ports on 10.0.1.107 are filtered
MAC Address: CC:6D:A0:E2:A5:C5 (Roku)
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop
TRACEROUTE
HOP RTT ADDRESS
1 198.31 ms 10.0.1.107
Nmap scan report for 10.0.1.109
Host is up (0.0065s latency).
Not shown: 993 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp Brother/HP printer ftpd 1.13
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
23/tcp open telnet Brother/HP printer telnetd
80/tcp open http Debut embedded httpd 1.20 (Brother/HP printer http admin)
| http-robots.txt: 1 disallowed entry
|_/
|_http-server-header: debut/1.20
| http-title: Brother HL-L8350CDW series
|_Requested resource was /general/status.html
443/tcp open ssl/http Debut embedded httpd 1.20 (Brother/HP printer http admin)
| http-cisco-anyconnect:
|_ ERROR: Not a Cisco ASA or unsupported version
|_http-server-header: debut/1.20
| ssl-cert: Subject: commonName=Preset Certificate
| Issuer: commonName=Preset Certificate
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha1WithRSAEncryption
| Not valid before: 2000-01-01T00:00:00
| Not valid after: 2049-12-30T23:59:59
| MD5: 0012 4fc0 c0f5 f13a 8e48 e541 dcbe d76a
|_SHA-1: fbba 7f11 4078 edb6 2d6f c650 bc29 1abe 71c4 ce04
515/tcp open printer
631/tcp open http Debut embedded httpd 1.20 (Brother/HP printer http admin)
| http-robots.txt: 1 disallowed entry
|_/
|_http-server-header: debut/1.20
| http-title: Brother HL-L8350CDW series
|_Requested resource was /general/status.html
9100/tcp open jetdirect?
MAC Address: 00:80:92:C0:F3:28 (Silex Technology)
Device type: VoIP adapter|printer|general purpose
Running: AudioCodes embedded, HP embedded, HP VxWorks, Vocality embedded, Wind River VxWorks
OS CPE: cpe:/h:hp:laserjet_cm1415fnw cpe:/h:hp:laserjet_cp1525nw cpe:/h:hp:laserjet_1536dnf cpe:/h:brother:dcp_j4110dw cpe:/h:brother:hl_3170cdw cpe:/o:hp:vxworks cpe:/o:windriver:vxworks
OS details: Audiocodes MP-114 or MP-118 VoIP adapter, HP LaserJet CM1415fnw, CP1525nw, M475dn, or 1536dnf or Brother DCP-J4110DW or HL-3170CDW printer, VxWorks: HP printer or Vocality BASICS Four Wire VoIP gateway, VxWorks
Network Distance: 1 hop
Service Info: Device: printer
TRACEROUTE
HOP RTT ADDRESS
1 6.49 ms 10.0.1.109
Nmap scan report for 10.0.1.114
Host is up (0.011s latency).
Not shown: 656 filtered ports, 343 closed ports
PORT STATE SERVICE VERSION
62078/tcp open tcpwrapped
MAC Address: 80:D6:05:3E:E3:DC (Unknown)
OS fingerprint not ideal because: Didn't receive UDP response. Please try again with -sSU
No OS matches for host
Network Distance: 1 hop
TRACEROUTE
HOP RTT ADDRESS
1 11.05 ms 10.0.1.114
Nmap scan report for 10.0.1.179
Host is up (0.041s latency).
All 1000 scanned ports on 10.0.1.179 are closed
MAC Address: D8:30:62:52:06:4B (Apple)
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop
TRACEROUTE
HOP RTT ADDRESS
1 40.51 ms 10.0.1.179
Nmap scan report for 10.0.1.187
Host is up (0.10s latency).
Not shown: 999 closed ports
PORT STATE SERVICE VERSION
62078/tcp open tcpwrapped
MAC Address: C0:CC:F8:5E:EA:FC (Unknown)
Device type: general purpose|media device|phone
Running: Apple Mac OS X 10.7.X|10.9.X|10.8.X, Apple iOS 4.X|5.X|6.X
OS CPE: cpe:/o:apple:mac_os_x:10.7 cpe:/o:apple:mac_os_x:10.9 cpe:/o:apple:mac_os_x:10.8 cpe:/o:apple:iphone_os:4 cpe:/a:apple:apple_tv:4 cpe:/o:apple:iphone_os:5 cpe:/o:apple:iphone_os:6
OS details: Apple Mac OS X 10.7.0 (Lion) - 10.10 (Yosemite) or iOS 4.1 - 8.1.2 (Darwin 10.0.0 - 14.0.0)
Uptime guess: 4.257 days (since Tue Apr 19 01:59:18 2016)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=258 (Good luck!)
IP ID Sequence Generation: Randomized
TRACEROUTE
HOP RTT ADDRESS
1 102.74 ms 10.0.1.187
Nmap scan report for 10.0.1.188
Host is up (0.013s latency).
Not shown: 992 filtered ports
PORT STATE SERVICE VERSION
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows 98 netbios-ssn
445/tcp open microsoft-ds (primary domain: WORKGROUP)
554/tcp open rtsp?
2869/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
5357/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-methods: No Allow or Public header in OPTIONS response (status code 503)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Service Unavailable
10243/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
|_http-methods: No Allow or Public header in OPTIONS response (status code 404)
|_http-server-header: Microsoft-HTTPAPI/2.0
|_http-title: Not Found
49155/tcp open msrpc Microsoft Windows RPC
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port445-TCP:V=6.49BETA4%I=7%D=4/23%Time=571B1EAE%P=x86_64-pc-linux-gnu%
SF:r(SMBProgNeg,7B,"\0\0\0w\xffSMBr\0\0\0\0\x88\x01@\0\0\0\0\0\0\0\0\0\0\0
SF:\0\0\0@\x06\0\0\x01\0\x11\x07\0\x03\n\0\x01\0\x04\x11\0\0\0\0\x01\0\0\0
SF:\0\0\xfc\xe3\x01\0\xb5,K\xe0\xe6\x9d\xd1\x01\xa4\x01\x082\0\xe4C\?\xa0\
SF:xe5\xf5xqW\0O\0R\0K\0G\0R\0O\0U\0P\0\0\0H\0O\0M\0E\0O\0F\0F\0I\0C\0E\0\
SF:0\0");
MAC Address: 10:08:B1:5E:0E:98 (Hon Hai Precision Ind. Co.)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: specialized|WAP|phone
Running: iPXE 1.X, Linksys Linux 2.4.X, Linux 2.6.X, Sony Ericsson embedded
OS CPE: cpe:/o:ipxe:ipxe:1.0.0%2b cpe:/o:linksys:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6 cpe:/h:sonyericsson:u8i_vivaz
OS details: iPXE 1.0.0+, Tomato 1.28 (Linux 2.4.20), Tomato firmware (Linux 2.6.22), Sony Ericsson U8i Vivaz mobile phone
Network Distance: 1 hop
Service Info: Host: HOMEOFFICE; OSs: Windows, Windows 98; CPE: cpe:/o:microsoft:windows, cpe:/o:microsoft:windows_98
Host script results:
| nbstat: NetBIOS name: HOMEOFFICE, NetBIOS user: <unknown>, NetBIOS MAC: 10:08:b1:5e:0e:98 (Hon Hai Precision Ind. Co.)
| Names:
| HOMEOFFICE<20> Flags: <unique><active>
| HOMEOFFICE<00> Flags: <unique><active>
| WORKGROUP<00> Flags: <group><active>
| WORKGROUP<1e> Flags: <group><active>
| WORKGROUP<1d> Flags: <unique><active>
|_ \x01\x02__MSBROWSE__\x02<01> Flags: <group><active>
| smb-os-discovery:
| OS: Windows 8.1 9600 (Windows 8.1 6.3)
| OS CPE: cpe:/o:microsoft:windows_8.1::-
| NetBIOS computer name: HOMEOFFICE
| Workgroup: WORKGROUP
|_ System time: 2016-04-23T22:07:39-07:00
| smb-security-mode:
| authentication_level: user
| challenge_response: supported
|_ message_signing: disabled (dangerous, but default)
|_smbv2-enabled: Server supports SMBv2 protocol
TRACEROUTE
HOP RTT ADDRESS
1 12.78 ms 10.0.1.188
Nmap scan report for 10.0.1.191
Host is up (0.0076s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE VERSION
902/tcp open ssl/vmware-auth VMware Authentication Daemon 1.10 (Uses VNC, SOAP)
912/tcp open vmware-auth VMware Authentication Daemon 1.0 (Uses VNC, SOAP)
MAC Address: E4:F8:9C:03:FF:48 (Intel Corporate)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: specialized|WAP|phone
Running: iPXE 1.X, Linksys Linux 2.4.X, Linux 2.6.X, Sony Ericsson embedded
OS CPE: cpe:/o:ipxe:ipxe:1.0.0%2b cpe:/o:linksys:linux_kernel:2.4 cpe:/o:linux:linux_kernel:2.6 cpe:/h:sonyericsson:u8i_vivaz
OS details: iPXE 1.0.0+, Tomato 1.28 (Linux 2.4.20), Tomato firmware (Linux 2.6.22), Sony Ericsson U8i Vivaz mobile phone
Network Distance: 1 hop
TRACEROUTE
HOP RTT ADDRESS
1 7.57 ms 10.0.1.191
Initiating SYN Stealth Scan at 08:08
Scanning 10.0.1.108 [1000 ports]
Completed SYN Stealth Scan at 08:08, 1.57s elapsed (1000 total ports)
Initiating Service scan at 08:08
Initiating OS detection (try #1) against 10.0.1.108
adjust_timeouts2: packet supposedly had rtt of -103765 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103765 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103719 microseconds. Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103719 microseconds. Ignoring time.
Retrying OS detection (try #2) against 10.0.1.108
WARNING: OS didn't match until try #2
NSE: Script scanning 10.0.1.108.
Initiating NSE at 08:08
Completed NSE at 08:08, 0.01s elapsed
Initiating NSE at 08:08
Completed NSE at 08:08, 0.00s elapsed
Nmap scan report for 10.0.1.108
Host is up (0.000039s latency).
All 1000 scanned ports on 10.0.1.108 are closed
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Linux 2.4.X|2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.4.20, Linux 2.6.14 - 2.6.34, Linux 2.6.17 (Mandriva), Linux 2.6.23, Linux 2.6.24
Network Distance: 0 hops
NSE: Script Post-scanning.
Initiating NSE at 08:08
Completed NSE at 08:08, 0.00s elapsed
Initiating NSE at 08:08
Completed NSE at 08:08, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 256 IP addresses (11 hosts up) scanned in 1717.31 seconds
Raw packets sent: 27660 (1.240MB) | Rcvd: 13415 (554.567KB)
I noticed I got more info about each machine. I'm assuming the next steps are learning to understand the info so that I can use it for something. I really want to create a map of my home network and each of the devices on it. I know there's a separate feature for that in zenmap but that flowchart doesn't give full detail, just IP I think. I'm trying to map out my entire network in full detail. After that I want to try and crack into either the router or one of the hosts. What would be a good next step from here? I just ran an intense scan, which is the result I just showed you.
