Detection

Nmap is real good at detect'n stuff.

Version Detection

Point Nmap at a remote machine and it might tell you that ports 25/tcp, 80/tcp, and 53/udp are open. Using its nmap-services database of about 2,200 well-known services, Nmap would report that those ports probably correspond to a mail server (SMTP), web server (HTTP), and name server (DNS) respectively.

Nmapr.scan :cmd do
  detect :version
end

Version Intensity

The intensity must be between 0 and 9. The default is 7. However, you can also specify with symbols to have a :light intensity level or to use :all of them.

Nmapr.scan :cmd do
  version_intensity 0
  # or
  version_intensity 9
  # or
  version_intensity :light
  # or 
  version_intensity :all
end

Version Trace

This causes Nmap to print out extensive debugging info about what version scanning is doing.

Nmapr.scan :cmd do
  version_trace
end

Operating System Detection

One of Nmap's best-known features is remote OS detection using TCP/IP stack fingerprinting.

Nmapr.scan :cmd do
  detect :os
end

Promising Limits

Limit OS detection to promising targets.

Nmapr.scan :cmd do
  detect :os, :promising
end

Aggressive Operating System Guessing

When Nmap is unable to detect a perfect OS match, it sometimes offers up near-matches as possibilities. This option will help aggressively attempt to detect the operating system.

Nmapr.scan :cmd do
  detect :os, :aggressive
end

results matching ""

    No results matching ""