OS matching algorithms
Nmap's algorithm for detecting matches is a simple process which collects target fingerprints and tests it against every single reference fingerprint in nmap-os-db
. After testing all the probes against a fingerprint, Nmap divides NumMatchPoints by possible points. The result of this is a confidence factor describing the probability that the subject fingerprint matches that particular reference fingerprint.
Defense against port scans
So far, we have learned how to use port scanning techniques to discover and detect information about remote hosts. Let's try to understand that any services/hosts will be vulnerable to port scans, which are exposed to users through some sort of connectivity. This might include an enterprise WAN or the internet. Port scanning is also not classed as illegal activity unless information is used to exploit systems.
The amount of information that should be exposed to the outside world is down to the system administrator. Any IP scanning starts with...