During an experiment with nmap, I discovered that Parrot leaks a LOT more than Windows 10 by default, which is disheartening or downright frightening for a security-centric distro.
These were the results for my local scan:
C:\Program Files (x86)\Nmap>nmap -sS -sU -T4 -A -v -PE -PP -PS80, 443 -PA3389 -PU40125 -PY -g 53 --script "default or (discovery and safe)" --script-args 'shodan-api.outfile=scan.csv,shodan-api.apikey=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx','mtrace.fromip=192.168.168.168' 192.168.255.129
Starting Nmap 7.70 ( https://nmap.org ) at 2026-02-11 12:52 W. Europe Standard Time
NSE: Loaded 285 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 12:52
NSE: [mtrace] A source IP must be provided through fromip argument.
Completed NSE at 12:52, 10.67s elapsed
Initiating NSE at 12:52
Completed NSE at 12:52, 0.00s elapsed
Initiating NSE at 12:52
Completed NSE at 12:52, 0.00s elapsed
Pre-scan script results:
| broadcast-igmp-discovery:
| 192.168.255.1
| Interface: eth0
| Version: 2
| Group: 224.0.0.252
| Description: Link-local Multicast Name Resolution (rfc4795)
|_ Use the newtargets script-arg to add the results as targets
| broadcast-ping:
| IP: 192.168.255.2 MAC: 00:50:56:e9:8e:fb
|_ Use --script-args=newtargets to add the results as targets
| targets-asn:
|_ targets-asn.asn is a mandatory parameter
Failed to resolve "443".
Initiating ARPPing Scan at 12:52
Scanning 192.168.255.129 [1 port]
Completed ARPPing Scan at 12:52, 0.09s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 12:52
Completed Parallel DNS resolution of 1 host. at 12:52, 0.00s elapsed
Initiating SYN Stealth Scan at 12:52
Scanning 192.168.255.129 [1000 ports]
Discovered open port 139/tcp on 192.168.255.129
Discovered open port 445/tcp on 192.168.255.129
Completed SYN Stealth Scan at 12:52, 0.27s elapsed (1000 total ports)
Initiating UDP Scan at 12:52
Scanning 192.168.255.129 [1000 ports]
Increasing send delay for 192.168.255.129 from 0 to 50 due to max_successful_tryno increase to 5
Increasing send delay for 192.168.255.129 from 50 to 100 due to max_successful_tryno increase to 6
Warning: 192.168.255.129 giving up on port because retransmission cap hit (6).
Increasing send delay for 192.168.255.129 from 100 to 200 due to 11 out of 13 dropped probes since last increase.
Discovered open port 137/udp on 192.168.255.129
UDP Scan Timing: About 6.36% done; ETC: 13:01 (0:07:37 remaining)
Increasing send delay for 192.168.255.129 from 200 to 400 due to 11 out of 12 dropped probes since last increase.
Increasing send delay for 192.168.255.129 from 400 to 800 due to 11 out of 11 dropped probes since last increase.
UDP Scan Timing: About 9.64% done; ETC: 13:03 (0:09:32 remaining)
UDP Scan Timing: About 12.70% done; ETC: 13:04 (0:10:26 remaining)
UDP Scan Timing: About 33.44% done; ETC: 13:07 (0:09:47 remaining)
UDP Scan Timing: About 39.84% done; ETC: 13:07 (0:09:01 remaining)
UDP Scan Timing: About 45.84% done; ETC: 13:08 (0:08:14 remaining)
UDP Scan Timing: About 51.13% done; ETC: 13:08 (0:07:28 remaining)
UDP Scan Timing: About 56.61% done; ETC: 13:08 (0:06:41 remaining)
UDP Scan Timing: About 62.10% done; ETC: 13:08 (0:05:52 remaining)
UDP Scan Timing: About 67.66% done; ETC: 13:08 (0:05:03 remaining)
UDP Scan Timing: About 72.84% done; ETC: 13:08 (0:04:15 remaining)
UDP Scan Timing: About 78.33% done; ETC: 13:08 (0:03:24 remaining)
UDP Scan Timing: About 83.81% done; ETC: 13:08 (0:02:33 remaining)
UDP Scan Timing: About 88.97% done; ETC: 13:08 (0:01:45 remaining)
UDP Scan Timing: About 94.24% done; ETC: 13:08 (0:00:55 remaining)
Completed UDP Scan at 13:09, 982.67s elapsed (1000 total ports)
Initiating Service scan at 13:09
Scanning 19 services on 192.168.255.129
Service scan Timing: About 21.05% done; ETC: 13:17 (0:06:08 remaining)
Completed Service scan at 13:10, 102.93s elapsed (19 services on 1 host)
Initiating OS detection (try #1) against 192.168.255.129
NSE: Script scanning 192.168.255.129.
Initiating NSE at 13:11
Completed NSE at 13:16, 301.41s elapsed
Initiating NSE at 13:16
Completed NSE at 13:16, 1.03s elapsed
Initiating NSE at 13:16
Completed NSE at 13:16, 0.00s elapsed
Nmap scan report for 192.168.255.129
Host is up (0.00s latency).
Not shown: 1981 closed ports
PORT STATE SERVICE VERSION
139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
445/tcp open netbios-ssn Samba smbd 4.9.4-Debian (workgroup: WORKGROUP)
68/udp open|filtered dhcpc
137/udp open netbios-ns Samba nmbd netbios-ns (workgroup: WORKGROUP)
138/udp open|filtered netbios-dgm
389/udp open|filtered ldap
|_ldap-rootdse: ERROR: Script execution failed (use -d to debug)
402/udp open|filtered genie
990/udp open|filtered ftps
1026/udp open|filtered win-rpc
16449/udp open|filtered unknown
16503/udp open|filtered unknown
17207/udp open|filtered unknown
17592/udp open|filtered unknown
22986/udp open|filtered unknown
25157/udp open|filtered unknown
42431/udp open|filtered unknown
49169/udp open|filtered unknown
49201/udp open|filtered unknown
53006/udp open|filtered unknown
MAC Address: 00:0C:29:2C:42:10 (VMware)
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.2 - 4.9
Uptime guess: 10.849 days (since Thu Jan 31 16:53:49 2019)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=252 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: Host: PARROT
Host script results:
|_clock-skew: mean: -19m58s, deviation: 34m37s, median: 1s
|_fcrdns: FAIL (No PTR record)
| firewalk:
| HOP HOST PROTOCOL BLOCKED PORTS
|_0 192.168.255.128 udp 68,138,389,402,990,1026,16449,16503,17207,17592
|_ipidseq: All zeros
|_msrpc-enum: NT_STATUS_OBJECT_NAME_NOT_FOUND
| nbstat: NetBIOS name: PARROT, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> (unknown)
| Names:
| PARROT<00> Flags: <unique><active>
| PARROT<03> Flags: <unique><active>
| PARROT<20> Flags: <unique><active>
| \x01\x02__MSBROWSE__\x02<01> Flags: <group><active>
| WORKGROUP<00> Flags: <group><active>
| WORKGROUP<1d> Flags: <unique><active>
|_ WORKGROUP<1e> Flags: <group><active>
|_path-mtu: PMTU ==1500
| qscan:
| PORT FAMILY MEAN (us) STDDEV LOSS (%)
|10 1125400.00 2745188.93 0.0%
|1370 652800.00 809179.12 0.0%
|1390 1407300.00 3725201.50 0.0%
|_445 0 1604400.00 4205352.23 0.0%
| smb-mbenum:
| DFS Root
| PARROT 0.0 Samba 4.9.4-Debian
| Master Browser
| PARROT 0.0 Samba 4.9.4-Debian
|Print server
| PARROT 0.0 Samba 4.9.4-Debian
| Server
| PARROT 0.0 Samba 4.9.4-Debian
| Server service
| DESKTOP-NBU6LUH 0.0
| DF-WORKSTATION 0.0
| PARROT 0.0 Samba 4.9.4-Debian
| Unix server
| PARROT 0.0 Samba 4.9.4-Debian
| Windows NT/2000/XP/2003 server
| DESKTOP-NBU6LUH 0.0
| DF-WORKSTATION 0.0
| PARROT 0.0 Samba 4.9.4-Debian
| Workstation
| DESKTOP-NBU6LUH 0.0
| DF-WORKSTATION 0.0
|_ PARROT 0.0 Samba 4.9.4-Debian
| smb-os-discovery:
| OS: Windows 6.1 (Samba 4.9.4-Debian)
| Computer name: parrot
| NetBIOS computer name: PARROT\x00
| Domain name: \x00
| FQDN: parrot
|_ System time: 2019-02-11T13:11:02+01:00
| smb-protocols:
| dialects:
| NT LM 0.12 (SMBv1) [dangerous, but default]
| 2.02
| 2.10
| 3.00
| 3.02
|_ 3.11
| smb-security-mode:
| account_used: guest
| authentication_level: user
| challenge_response: supported
|_ message_signing: disabled (dangerous, but default)
| smb2-capabilities:
| 2.02:
| Distributed File System
| 2.10:
| Distributed File System
| Leasing
| Multi-credit operations
| 3.00:
| Distributed File System
| Leasing
| Multi-credit operations
| 3.02:
| Distributed File System
| Leasing
| Multi-credit operations
| 3.11:
| Distributed File System
| Leasing
|_ Multi-credit operations
| smb2-security-mode:
| 2.02:
|_ Message signing enabled but not required
| smb2-time:
| date: 2026-02-11 13:11:02
|_ start_date: N/A
| traceroute-geolocation:
| HOP RTT ADDRESS GEOLOCATION
|_ 1 0.00 192.168.255.129 - ,-
TRACEROUTE
HOP RTT ADDRESS
1 0.00 ms 192.168.255.129
NSE: Script Post-scanning.
Initiating NSE at 13:16
Completed NSE at 13:16, 0.00s elapsed
Initiating NSE at 13:16
Completed NSE at 13:16, 0.00s elapsed
Initiating NSE at 13:16
Completed NSE at 13:16, 0.00s elapsed
Read data files from: C:\Program Files (x86)\Nmap
OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1418.35 seconds
Raw packets sent: 2492 (92.041KB) | Rcvd: 2111 (101.996KB)
C:\Program Files (x86)\Nmap>