312-50V11 · Question #613
Which of the following Nmap commands would be used to perform a stack fingerprinting?
The correct answer is A. Nmap -O -p80 <host(s.>. The -O flag in Nmap enables OS detection by analyzing TCP/IP stack responses, a technique known as stack fingerprinting. Pairing it with -p80 directs the probe to a commonly open port to improve accuracy.
Question
Which of the following Nmap commands would be used to perform a stack fingerprinting?
Options
- ANmap -O -p80 <host(s.>
- BNmap -hU -Q<host(s.>
- CNmap -sT -p <host(s.>
- DNmap -u -o -w2 <host>
- ENmap -sS -0p target
How the community answered
(24 responses)- A88% (21)
- B4% (1)
- D4% (1)
- E4% (1)
Why each option
The -O flag in Nmap enables OS detection by analyzing TCP/IP stack responses, a technique known as stack fingerprinting. Pairing it with -p80 directs the probe to a commonly open port to improve accuracy.
Nmap's -O flag activates OS detection by sending a series of specially crafted TCP and UDP packets to the target and comparing the responses against a built-in database of known TCP/IP stack signatures. This process is called stack fingerprinting because different operating systems implement the TCP/IP stack slightly differently, producing unique response patterns. The -p80 option focuses the probe on port 80, which is frequently open and increases the chance of a successful fingerprint.
The flags -hU and -Q are not valid Nmap options, making this command syntactically incorrect and non-functional.
The -sT flag initiates a TCP connect scan to enumerate open ports but does not perform OS detection without the -O flag.
The flags -u -o -w2 do not correspond to valid Nmap OS fingerprinting options and would not perform stack fingerprinting.
While -sS performs a SYN scan, the token '-0p' is malformed - it uses the digit zero instead of the letter O and omits a port number - making the command invalid.
Concept tested: Nmap OS detection via TCP/IP stack fingerprinting
Source: https://nmap.org/book/man-os-detection.html
Topics
Community Discussion
No community discussion yet for this question.