312-50V10 · Question #613
Which of the following Nmap commands would be used to perform a stack fingerprinting?
The correct answer is A. Nmap -O -p80 <host(s.>. Nmap uses the -O flag to perform OS detection (TCP/IP stack fingerprinting) by sending crafted probes and comparing responses against a fingerprint database.
Question
Which of the following Nmap commands would be used to perform a stack fingerprinting?
Options
- ANmap -O -p80 <host(s.>
- BNmap -hU -Q<host(s.>
- CNmap -sT -p <host(s.>
- DNmap -u -o -w2 <host>
- ENmap -sS -0p target
How the community answered
(48 responses)- A94% (45)
- D2% (1)
- E4% (2)
Why each option
Nmap uses the -O flag to perform OS detection (TCP/IP stack fingerprinting) by sending crafted probes and comparing responses against a fingerprint database.
The Nmap -O flag activates OS detection by sending a series of specially crafted TCP, UDP, and ICMP probes to the target and comparing the responses against Nmap's built-in OS fingerprint database. The -p80 parameter directs the scan at port 80 to target an open port, which is required for accurate TCP-based fingerprinting probes. Together, 'nmap -O -p80 <host>' is the standard command for TCP/IP stack fingerprinting.
The flags -hU and -Q are not valid Nmap options; this command does not correspond to any recognized Nmap OS fingerprinting syntax.
Nmap -sT performs a full TCP connect scan, but without the -O flag it performs no OS detection or stack fingerprinting.
The flags -u -o -w2 do not represent valid Nmap OS fingerprinting options and would not successfully invoke OS detection.
While -sS is a valid SYN scan flag, '-0p' uses the digit zero rather than the letter O, making it malformed syntax that would not correctly invoke OS detection.
Concept tested: Nmap -O flag for TCP/IP stack OS fingerprinting
Source: https://nmap.org/book/man-os-detection.html
Topics
Community Discussion
No community discussion yet for this question.