Removing new fingerprint detection message from nmap

intrusion-detection networking nmap

I run an nmap scan of my hosts daily to check for open ports.

sudo nmap -f -sS -sV --log-errors -append-output -p1-9999 host.com 

But along with the output I get a long list of fingerprint submissions for unrecognized ports, like this:

==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============
SF-Port4000-TCP:V=5.21%I=7%D=2/9%Time=4F30CAC%P=x86_64-redhat-linux-gnu%r
SF::\r\nERR\x20UNKNOWN_COMMAND\x20Unknown\+server\+commandCSeq:\r\nERR\x20
-------------------------------------------

How do I remove these from my nmap reports?

Best Answer

There is no way to keep Nmap from outputting this information, other than to submit the fingerprints as The Unix Janitor suggested in his comment. Along those lines, you could try using the latest version of Nmap (5.51 or 5.61TEST5); over 700 new service fingerprints have been added since the version you are using.

To strip the unwanted output from your scan results, try this Perl one-liner:

perl -ne 'if(/NEXT SERVICE FINGERPRINT/){$f=1}else{$f=0 if $f and not /^SF/}print unless $f'

That will strip the fingerprints out. If you are concerned about parsing the output, I would encourage you to use the XML output instead, since the structure of the normal output can change from version to version.