Nmap scanning basics pt1

Open Port Scanning and OS Detection

Run a ping scan against an IP address to determine whether the host is up, using the following command (-sP is the older spelling of -sn in current Nmap releases):

nmap -sP 95.111.13.11

Start a SYN scan with OS detection using the following command:

nmap -sS 95.111.13.11 -O

Nmap scan report for d1m0.com (95.111.13.111)
Host is up (0.00097s latency).
Not shown: 992 closed ports
PORT STATE SERVICE
25/tcp open smtp
53/tcp open domain
80/tcp open http
143/tcp open imap
465/tcp open smtps
993/tcp open imaps
4444/tcp open krb524
8181/tcp open intermapper

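Start an open port scan with version detection using the command below. The -A option also turns on OS detection, script scanning and traceroute, which is where the script output and OS guesses in the report come from: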

nmap -sV 95.111.13.111 -A

Nmap scan report for d1m0.com (95.111.13.111)
Host is up (0.00089s latency).
Not shown: 992 closed ports
PORT STATE SERVICE VERSION
25/tcp open smtp Postfix smtpd
|_smtp-commands: mail.d1m0.com, PIPELINING, SIZE 4194304, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME,
| ssl-cert: Subject: commonName=mail.d1m0.com/countryName=BG
| Subject Alternative Name: DNS:mail.d1m0.com
| Not valid before: 2017-05-09T19:56:41
|_Not valid after: 2019-05-09T12:06:00
|_ssl-date: TLS randomness does not represent time
53/tcp open domain ISC BIND 9.9.5 (Debian Linux 8.0 (Jessie))
| dns-nsid:
|_ bind.version: 9.9.5-9+deb8u15-Debian
80/tcp open http OpenWrt admin httpd (rejected RFC1918 address)
|_http-title: Site doesn't have a title (text/html).
143/tcp open imap Dovecot imapd
|_imap-capabilities: STARTTLS LOGIN-REFERRALS AUTH=PLAIN IMAP4rev1 listed more IDLE SASL-IR have Pre-login AUTH=LOGINA0001 post-login ID LITERAL+ ENABLE capabilities OK
| ssl-cert: Subject: commonName=mail.d1m0.com/countryName=BG
| Subject Alternative Name: DNS:mail.d1m0.com
| Not valid before: 2017-05-09T19:56:41
|_Not valid after: 2019-05-09T12:06:00
|_ssl-date: TLS randomness does not represent time
465/tcp open ssl/smtp Postfix smtpd
|_smtp-commands: mail.d1m0.com, PIPELINING, SIZE 4194304, VRFY, ETRN, AUTH PLAIN LOGIN, ENHANCEDSTATUSCODES, 8BITMIME,
| ssl-cert: Subject: commonName=mail.d1m0.com/countryName=BG
| Subject Alternative Name: DNS:mail.d1m0.com
| Not valid before: 2017-05-09T19:56:41
|_Not valid after: 2019-05-09T12:06:00
|_ssl-date: TLS randomness does not represent time
993/tcp open ssl/imap Dovecot imapd
|_imap-capabilities: IDLE ID ENABLE more OK AUTH=PLAIN have AUTH=LOGINA0001 IMAP4rev1 listed post-login SASL-IR LITERAL+ Pre-login capabilities LOGIN-REFERRALS
| ssl-cert: Subject: commonName=mail.d1m0.com/countryName=BG
| Subject Alternative Name: DNS:mail.d1m0.com
| Not valid before: 2017-05-09T19:56:41
|_Not valid after: 2019-05-09T12:06:00
|_ssl-date: TLS randomness does not represent time
4444/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.4 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 2048 b4:20:d2:bb:b4:64:be:80:6e:44:39:63:86:4a:3f:fe (RSA)
| 256 d0:39:21:89:b0:73:88:50:8e:dc:29:7c:3c:43:a6:1f (ECDSA)
|_ 256 ea:68:fd:d4:ce:31:e4:16:64:54:ab:bf:02:40:ff:5c (ED25519)
8181/tcp open http Apache httpd 2.4.6 ((CentOS) PHP/5.4.16)
|_http-server-header: Apache/2.4.6 (CentOS) PHP/5.4.16
Aggressive OS guesses: Linux 3.16 (96%), Linux 4.4 (95%), Linksys EA3500 WAP (94%), Linux 3.2 - 4.9 (93%), Android 4.4.0 (91%), Linux 2.6.18 - 2.6.32 (91%), Linux 3.10 - 4.11 (90%), Linux 3.10 - 4.11 (90%), Linux 4.10 (90%), Linux 3.4 - 3.10 (89%), Linux 3.13 - 3.16 (89%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop
Service Info: Host: mail.d1m0.com; OS: Linux; CPE: cpe:/o:linux:linux_kernel
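The two reports above disagree on ports 4444 and 8181: without -sV, Nmap names a service by looking the port number up in its services table, while -sV probes what is actually listening. The following is an added example, not part of the original page, that parses both reports and lists the ports whose table name does not match the probed service; the function names and the rule that treats "ssl/smtp" as "smtps" are assumptions made for this illustration.

```python
import re

# Port lines copied from the two scan reports on this page (constructed sample input).
SYN_SCAN = """25/tcp open smtp
53/tcp open domain
80/tcp open http
143/tcp open imap
465/tcp open smtps
993/tcp open imaps
4444/tcp open krb524
8181/tcp open intermapper"""
VERSION_SCAN = """25/tcp open smtp Postfix smtpd
53/tcp open domain ISC BIND 9.9.5 (Debian Linux 8.0 (Jessie))
80/tcp open http OpenWrt admin httpd (rejected RFC1918 address)
143/tcp open imap Dovecot imapd
465/tcp open ssl/smtp Postfix smtpd
993/tcp open ssl/imap Dovecot imapd
4444/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.4 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
8181/tcp open http Apache httpd 2.4.6 ((CentOS) PHP/5.4.16)"""

# PORT/PROTO STATE SERVICE [VERSION]; script lines ("|", "|_") never match.
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)(?:\s+(.*))?$")

def parse_ports(report):
    """Map (port, proto) -> (state, service, version) for each port line."""
    ports = {}
    for line in report.splitlines():
        m = PORT_LINE.match(line.strip())
        if m:
            port, proto, state, service, version = m.groups()
            ports[(int(port), proto)] = (state, service, version or "")
    return ports

def normalise(service):
    """Fold the -sV form "ssl/smtp" into the port-table form "smtps"."""
    return service[4:] + "s" if service.startswith("ssl/") else service

def relabelled(syn_report, version_report):
    """Open ports whose port-table name differs from the probed service."""
    guessed, probed = parse_ports(syn_report), parse_ports(version_report)
    out = []
    for key in sorted(guessed.keys() & probed.keys()):
        name, (state, service, version) = guessed[key][1], probed[key]
        if state == "open" and normalise(service) != name:
            out.append((key[0], name, service, version))
    return out

if __name__ == "__main__":
    for port, name, service, version in relabelled(SYN_SCAN, VERSION_SCAN):
        print(f"{port}/tcp listed as {name}, probe found {service}: {version}")
```

On the sample data this reports 4444 (listed as krb524, actually OpenSSH) and 8181 (listed as intermapper, actually Apache httpd), which is why an inventory of exposed services should be built from a version scan and not from port numbers alone.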