NMAP scanning reveals some information

Question

Hello,

When I did nmap -sS -sV www.MYDOMAIN.com it reveals some unnecessary information that I need to remove.

c:\Program Files (x86)\Nmap>nmap.exe -sS -sV www.MYDOMAIN.com

Starting Nmap 7.93 ( https://nmap.org ) at 2023-03-13 10:47

NSOCK ERROR [0.0550s] ssl_init_helper(): OpenSSL legacy provider failed to load.

Nmap scan report for www.MYDOMAIN.com (10.10.10.10) Host is up (0.014s latency). Not shown: 997 filtered tcp ports (no-response)

PORT STATE SERVICE VERSION

80/tcp open upnp Microsoft IIS httpd

443/tcp open ssl/upnp Microsoft IIS httpd

8443/tcp open ssl/http Microsoft IIS httpd 10.0

Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 43.36 seconds

I tried several suggested methods and no luck

https://techcommunity.microsoft.com/t5/iis-support-blog/remove-unwanted-http-response-headers/ba-p/369710

https://serverfault.com/questions/991045/remove-modify-iis-10-server-header-which-discloses-iis-version

Windows 2019

Any advice is appreciated.

Kindest regards

Answer 1

Hello there,

I'd suggest reporting this to nmap. It looks like a nmap bug.

A similar issue has been posted in forum and it seems updating the nmap to latest version has sorted the SSL issue.

You can try to make the upgrade and see if that helps .

Similar discussion here https://github.com/openssl/openssl/issues/19191

Hope this resolves your Query !!

--If the reply is helpful, please Upvote and Accept it as an answer--