On Thu, Jun 05, 2003 at 09:48:24AM -0700, Todd A. Jacobs wrote:
> Even when "Identify Remote OS" and "Use Hidden Option to Identify Remote
> OS" are selected, I'm not getting anything in the reports. However,
> scanning with nmap directly usually provides me with at least a string
> that I can make an educated guess with. Specifically:
>
> sudo nmap -v -n -P0 -sT -O 192.168.1.207
>
> Too many fingerprints match this host for me to give an accurate OS guess
> TCP/IP fingerprint:
> SInfo(V=3.27%P=i686-pc-linux-gnu%D=6/5%Time=3EDF7300%O=21%C=1)
> T1(Resp=N)
> T2(Resp=N)
> T3(Resp=N)
> T4(Resp=N)
> T5(Resp=N)
> T6(Resp=N)
> T7(Resp=N)
> PU(Resp=N)
>
> Why isn't Nessus seeing this as a Linux box? Does Nessus store this
> information anywhere else if it's not included in the report?
Because Nmap says "Too many fingerprints match this host".
The first line (SInfo(V=3.27%P=i686-pc-linux-gnu%D=6/5%Time=3EDF7300%O=21%C=1))
if about _your_ system, not the remote one.
-- Renaud
