You have initiated an active operating system fingerprinting attempt with nmap against a target system:
[root@ceh NG]# /usr/local/bin/nmap -sT -O 10.0.0.1
Starting nmap 3.28 ( www.insecure.org/nmap/) at 2003-06-18 19:14 IDT
Interesting ports on 10.0.0.1:
(The 1628 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp filtered ftp
22/tcp filtered ssh
25/tcp open smtp
80/tcp open http
135/tcp open loc-srv
139/tcp open netbios-ssn
389/tcp open LDAP
443/tcp open https
465/tcp open smtps
1029/tcp open ms-lsa
1433/tcp open ms-sql-s
2301/tcp open compaqdiag
5555/tcp open freeciv
5800/tcp open vnc-http
5900/tcp open vnc
6000/tcp filtered X11
Remote operating system guess: Windows XP, Windows 2000, NT4 or 95/98/98SE Nmap run completed — 1 IP address (1 host up) scanned in 3.334 seconds
Using its fingerprinting tests nmap is unable to distinguish between different groups of Microsoft based operating systems – Windows XP, Windows 2000, NT4 or 95/98/98SE.
What operating system is the target host running based on the open ports shown above?
A.
Windows XP
B.
Windows 98 SE
C.
Windows NT4 Server
D.
Windows 2000 Server
Explanation:
The system is reachable as an active directory domain controller (port 389, LDAP)