[chaos]# nmap -sS -P0 -A -v 10.0.0.4

Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at
	2006-07-14 14:31 BST
DNS resolution of 1 IPs took 0.10s. Mode:
	Async [#: 2, OK: 0, NX: 1, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating SYN Stealth Scan against 10.0.0.4 [1672 ports] at 14:31
Discovered open port 21/tcp on 10.0.0.4
Discovered open port 22/tcp on 10.0.0.4
Discovered open port 631/tcp on 10.0.0.4
Discovered open port 6000/tcp on 10.0.0.4
The SYN Stealth Scan took 0.16s to scan 1672 total ports.
Initiating service scan against 4 services on 10.0.0.4 at 14:31
The service scan took 6.01s to scan 4 services on 1 host.
For OSScan assuming port 21 is open, 1 is closed, and neither are
	firewalled
Host 10.0.0.4 appears to be up ... good.
Interesting ports on 10.0.0.4:
(The 1668 ports scanned but not shown below are in state: closed)
PORT     STATE SERVICE VERSION
21/tcp   open  ftp     vsftpd 2.0.3
22/tcp   open  ssh     OpenSSH 4.2 (protocol 1.99)
631/tcp  open  ipp     CUPS 1.1
6000/tcp open  X11      (access denied)
Device type: general purpose
Running: Linux 2.4.X|2.5.X|2.6.X
OS details: Linux 2.4.0 - 2.5.20, Linux 2.5.25 - 2.6.8 or
	Gentoo 1.2 Linux 2.4.19 rc1-rc7
TCP Sequence Prediction: Class=random positive increments
                         Difficulty=4732564 (Good luck!)
IPID Sequence Generation: All zeros
Service Info: OS: Unix

Nmap finished: 1 IP address (1 host up) scanned in 8.333 seconds
               Raw packets sent: 1687 (74.7KB) | Rcvd: 3382 (143KB)
