====== Ubuntu - nmap - Intense scan plus UDP ======

Does OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute) in addition to scanning TCP and UDP ports.

<code bash>
sudo nmap -sS -sU -T4 -A -v 192.168.1.69
</code>

result:

<code bash>
Starting Nmap 6.40 ( http://nmap.org ) at 2016-07-08 01:46 BST
NSE: Loaded 110 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Parallel DNS resolution of 1 host. at 01:46
Completed Parallel DNS resolution of 1 host. at 01:46, 0.00s elapsed
Initiating SYN Stealth Scan at 01:46
Scanning peter-laptop-1 (192.168.1.69) [1000 ports]
Discovered open port 139/tcp on 192.168.1.69
Discovered open port 80/tcp on 192.168.1.69
Discovered open port 445/tcp on 192.168.1.69
Completed SYN Stealth Scan at 01:46, 1.99s elapsed (1000 total ports)
Initiating UDP Scan at 01:46
Scanning peter-laptop-1 (192.168.1.69) [1000 ports]
Discovered open port 137/udp on 192.168.1.69
Completed UDP Scan at 01:46, 2.48s elapsed (1000 total ports)
Initiating Service scan at 01:46
Scanning 8 services on peter-laptop-1 (192.168.1.69)
Service scan Timing: About 62.50% done; ETC: 01:48 (0:00:49 remaining)
Completed Service scan at 01:47, 82.55s elapsed (8 services on 1 host)
Initiating OS detection (try #1) against peter-laptop-1 (192.168.1.69)
Retrying OS detection (try #2) against peter-laptop-1 (192.168.1.69)
Retrying OS detection (try #3) against peter-laptop-1 (192.168.1.69)
Retrying OS detection (try #4) against peter-laptop-1 (192.168.1.69)
adjust_timeouts2: packet supposedly had rtt of -225849 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -225849 microseconds.  Ignoring time.
Retrying OS detection (try #5) against peter-laptop-1 (192.168.1.69)
NSE: Script scanning 192.168.1.69.
Initiating NSE at 01:47
Completed NSE at 01:48, 30.01s elapsed
Nmap scan report for peter-laptop-1 (192.168.1.69)
Host is up (0.000033s latency).
Not shown: 1992 closed ports
PORT     STATE         SERVICE     VERSION
80/tcp   open          http        nginx 1.4.6 (Ubuntu)
|_http-methods: No Allow or Public header in OPTIONS response (status code 405)
|_http-title: Site doesn't have a title (text/html).
139/tcp  open          netbios-ssn Samba smbd 3.X (workgroup: PETER-LAPTOP-1)
445/tcp  open          netbios-ssn Samba smbd 3.X (workgroup: PETER-LAPTOP-1)
68/udp   open|filtered dhcpc
137/udp  open          netbios-ns  Microsoft Windows XP netbios-ssn
138/udp  open|filtered netbios-dgm
631/udp  open|filtered ipp
5353/udp open|filtered zeroconf
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=6.40%E=4%D=7/8%OT=80%CT=1%CU=2%PV=Y%DS=0%DC=L%G=Y%TM=577EF84F%P=x
OS:86_64-pc-linux-gnu)SEQ(SP=103%GCD=1%ISR=104%TI=Z%CI=I%TS=8)SEQ(SP=103%GC
OS:D=2%ISR=104%TI=Z%TS=8)OPS(O1=MFFD7ST11NW7%O2=MFFD7ST11NW7%O3=MFFD7NNT11N
OS:W7%O4=MFFD7ST11NW7%O5=MFFD7ST11NW7%O6=MFFD7ST11)WIN(W1=AAAA%W2=AAAA%W3=A
OS:AAA%W4=AAAA%W5=AAAA%W6=AAAA)ECN(R=Y%DF=Y%T=40%W=AAAA%O=MFFD7NNSNW7%CC=Y%
OS:Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40
OS:%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q
OS:=)T6(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A
OS:=S+%F=AR%O=%RD=0%Q=)U1(R=Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%R
OS:UCK=G%RUD=G)IE(R=Y%DFI=N%T=40%CD=S)

Uptime guess: 0.238 days (since Thu Jul  7 20:05:36 2016)
Network Distance: 0 hops
TCP Sequence Prediction: Difficulty=259 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OSs: Linux, Windows; CPE: cpe:/o:linux:linux_kernel, cpe:/o:microsoft:windows

Host script results:
| nbstat: 
|   NetBIOS name: PETER-LAPTOP-1, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>
|   Names
|     PETER-LAPTOP-1<00>   Flags: <unique><active>
|     PETER-LAPTOP-1<03>   Flags: <unique><active>
|     PETER-LAPTOP-1<20>   Flags: <unique><active>
|     \x01\x02__MSBROWSE__\x02<01>  Flags: <group><active>
|     WORKGROUP<00>        Flags: <group><active>
|     WORKGROUP<1d>        Flags: <unique><active>
|_    WORKGROUP<1e>        Flags: <group><active>
| smb-os-discovery: 
|   OS: Windows 6.1 (Samba 4.3.9-Ubuntu)
|   Computer name: peter-laptop-1
|   NetBIOS computer name: PETER-LAPTOP-1
|   Domain name: 
|   FQDN: peter-laptop-1
|_  System time: 2016-07-08T01:47:45+01:00
| smb-security-mode: 
|   Account that was used for smb scripts: guest
|   User-level authentication
|   SMB Security: Challenge/response passwords supported
|_  Message signing disabled (dangerous, but default)
|_smbv2-enabled: Server supports SMBv2 protocol

NSE: Script Post-scanning.
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 134.27 seconds
           Raw packets sent: 2364 (98.947KB) | Rcvd: 4762 (220.298KB)
</code>