OS Fingerprint Scanning
Sometimes there is a question about what OS is running on a server. nmap --help lists advanced options, but running nmap with -A is usually enough to tell you exactly what OS is running on the server in question.
Simple nmap scan, which includes OS detection:
nmap -v -A $s
Find an Available IP
Note that your company may have another system of record, so check there for the final authoritative answer.
A quick way to find an IP that is not in DNS and is not responding to ping or ssh is to run an nmap scan of the subnet.
Use nmap to find available IPs:
net=10.1.1.0; p=24; nmap -v -R -sn ${net}/${p} -oN /tmp/subnet-${net}-${p}.txt
An available IP would be one that shows an IP address with no DNS name, and also "host down."
Note: This may scan a large number of IPs, so it may be more convenient to write to a file to analyze later, rather than running the scan multiple times.
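The saved scan file can be sorted mechanically using the rule above (no DNS name and "host down"). The following is an added example, not part of the original post: the function names and the sample report lines are constructed for illustration, and it assumes the file holds nmap's normal (human-readable) output from a -v -R -sn scan.

```sh
#!/bin/sh
# Added example: sort the addresses in a saved `nmap -v -R -sn` report.
# classify_scan prints "<kind> <ip> [<dns-name>]" per address:
#   free      host down, no reverse DNS name (candidate to assign)
#   reserved  host down, but a DNS name exists (powered off or stale record)
#   in-use    host answered the ping scan
classify_scan() {
    awk '
        /^Nmap scan report for / {
            down = ($0 ~ /\[host down\]$/)
            sub(/ \[host down\]$/, "")        # $0 is re-split after this
            if (NF == 6) {                    # "... for name (ip)"
                name = $5; ip = $6; gsub(/[()]/, "", ip)
            } else {                          # "... for ip"
                name = ""; ip = $5
            }
            kind = down ? (name == "" ? "free" : "reserved") : "in-use"
            printf "%s %s%s\n", kind, ip, (name == "" ? "" : " " name)
        }' "$1"
}

# available_ips FILE [SKIP_IP...]: print only the free candidates, dropping
# addresses listed after the file (e.g. the subnet's network and broadcast).
available_ips() {
    scan_file=$1; shift
    classify_scan "$scan_file" | awk -v skip=" $* " '
        $1 == "free" && index(skip, " " $2 " ") == 0 { print $2 }'
}

# Constructed sample report (not real scan data).
sample_scan() {
    cat <<'EOF'
Nmap scan report for 10.1.1.0 [host down]
Nmap scan report for gw.example.internal (10.1.1.1)
Host is up (0.00042s latency).
Nmap scan report for old-printer.example.internal (10.1.1.2) [host down]
Nmap scan report for 10.1.1.3 [host down]
Nmap scan report for 10.1.1.4
Host is up (0.0011s latency).
Nmap scan report for 10.1.1.255 [host down]
EOF
}

demo=$(mktemp) && sample_scan > "$demo"
classify_scan "$demo"
available_ips "$demo" 10.1.1.0 10.1.1.255    # prints 10.1.1.3
rm -f "$demo"
```

A "free" result only means the address did not answer the scan and has no DNS name, so confirm it against the system of record mentioned above before assigning it.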