Using nMap to Identify Applications

nMap uses a list of “default” applications in the nmap services file, used to list services running on scanned open ports.  To see the “real” application execute nMap using the “-sV” option.

nmap -T4 -F 195.88.229.107
Starting Nmap 6.47 ( http://nmap.org ) at 2015-03-03 15:14 GMT Standard Time
Nmap scan report for x.x.x.x
Host is up (0.016s latency).
Not shown: 90 closed ports
PORT     STATE SERVICE
25/tcp   open  smtp
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
389/tcp  open  ldap
443/tcp  open  https
445/tcp  open  microsoft-ds
995/tcp  open  pop3s
1027/tcp open  IIS
1028/tcp open  unknown
8081/tcp open  blackice-icecap
Nmap done: 1 IP address (1 host up) scanned in 112.14 seconds

nmap -sV -F 195.88.229.107
Starting Nmap 6.47 ( http://nmap.org ) at 2015-03-03 15:24 GMT Standard Time
Nmap scan report for 195.88.229.107
Host is up (0.015s latency).
Not shown: 90 closed ports
PORT     STATE SERVICE          VERSION
25/tcp   open  smtp             Lotus Domino smtpd 8.5.2FP3
135/tcp  open  msrpc            Microsoft Windows RPC
139/tcp  open  netbios-ssn
389/tcp  open  ldap             (Anonymous bind OK)
443/tcp  open  ssl/http         Lotus Domino httpd
445/tcp  open  microsoft-ds     Microsoft Windows 2003 or 2008 microsoft-ds
995/tcp  open  ssl/pop3         Lotus Domino POP3 server 8.5.2FP3
1027/tcp open  IIS?
1028/tcp open  unknown
8081/tcp open  blackice-icecap?
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port8081-TCP:V=6.47%I=7%D=3/3%Time=54F5D2B8%P=i686-pc-windows-windows%r
SF:(GetRequest,55,”HTTP/1\.1\x20403\x20Forbidden\r\nContent-Type:\x20text/
SF:plain\r\nContent-Length:\x2013\r\n\r\n403\x20Forbidden”)%r(FourOhFourRe
SF:quest,55,”HTTP/1\.1\x20403\x20Forbidden\r\nContent-Type:\x20text/plain\
SF:r\nContent-Length:\x2013\r\n\r\n403\x20Forbidden”)%r(HTTPOptions,55,”HT
SF:TP/1\.1\x20404\x20Not\x20Found\r\nContent-Type:\x20text/plain\r\nConten
SF:t-Length:\x2013\r\n\r\n404\x20Not\x20Found”);
Service Info: Host: mobile.darenmatthews.com; OS: Windows; CPE: cpe:/o:microsoft:windows
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 140.66 seconds

Was this article helpful?

Leave A Comment?

You must be logged in to post a comment.