Attempts to find the owner of an open TCP port by querying an auth daemon which must also be open on the target system. The auth service, also known as identd, normally runs on port 113.
nmap -sV -sC <target>
21/tcp open ftp ProFTPD 1.3.1 |_ auth-owners: nobody 22/tcp open ssh OpenSSH 4.3p2 Debian 9etch2 (protocol 2.0) |_ auth-owners: root 25/tcp open smtp Postfix smtpd |_ auth-owners: postfix 80/tcp open http Apache httpd 2.0.61 ((Unix) PHP/4.4.7 ...) |_ auth-owners: dhapache 113/tcp open auth? |_ auth-owners: nobody 587/tcp open submission Postfix smtpd |_ auth-owners: postfix 5666/tcp open unknown |_ auth-owners: root
Author: Diman Todorov
License: Same as Nmap--See http://nmap.org/book/man-legal.html