Troubleshoot inaccurate OS version results
In some environments, an nmap mapping on an IP address that isn't in use will return a response on specific ports, confusing nmap. The ports that do or don't respond vary in different environments. If nmap isn't returning accurate OS version results, or as a best practice, nmap should be tuned to the customer environment.
To tune nmap
- Determine several IP addresses that aren't in use in the environment.
- At a command prompt on the core server, use the following command line to manually scan the IP addresses:
nmap -O -sSU -F -T4 -d -v <targets> -oX test.xml > test.txt
- Review the results and see if there are any ports that consistently respond on IP addresses that aren't in use.
- Open Endpoint Manager's nmap-services document (C:\Program Files\LANDesk\Management Suite\nmap\nmap-services) and comment out the ports with a hash (#) character that consistently respond.