Troubleshoot inaccurate OS version results

In some environments, an nmap mapping on an IP address that isn't in use will return a response on specific ports, confusing nmap. The ports that do or don't respond vary in different environments. If nmap isn't returning accurate OS version results, or as a best practice, nmap should be tuned to the customer environment.

To tune nmap
  1. Determine several IP addresses that aren't in use in the environment.
  2. At a command prompt on the core server, use the following command line to manually scan the IP addresses:

    nmap -O -sSU -F -T4 -d -v <targets> -oX test.xml > test.txt

  3. Review the results and see if there are any ports that consistently respond on IP addresses that aren't in use.
  4. Open Endpoint Manager's nmap-services document (C:\Program Files\LANDesk\Management Suite\nmap\nmap-services) and comment out the ports with a hash (#) character that consistently respond.