As I commented in my last post, I managed to get a response from Big-IP using NMap. The command I used to get the information is:
nmap -sS -PT -PI -p 443,22 -O -T 3 host
and the response was:
Starting nmap V. 3.00 ( www.insecure.org/nmap )
Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
Interesting ports on (host):
Port State Service
22/tcp open ssh
443/tcp open https
Remote operating system guess: F5 labs BigIp Load balancer Kernel 4.1.1PTF-03 (X86)
Uptime 19.009 days (since Fri Jul 04 09:44:08 2003)
Nmap run completed -- 1 IP address (1 host up) scanned in 32 seconds
I tried a lot of possible configurations and that was the fastest using windows. I have read that the nmap performance in Linux is much better than in Windows, so I will try it using Linux. The problem is that if I want to make a network scan, 30 seconds it's a lot of time.
If we talk about making a HTTPs scan, as Joe said in his post, JAVA needs the server certificates installed in the client truststore. I searched the internet and I found a couple of articles about getting the server certficates using a JAVA program or ignoring the server certificates (so you will not need the server certificates to connect). They can be found in
http://www.experts-exchange.com/Programming/Programming_Languages/Java/Q_20585861.html . So I'm thinking in performing in the first step a https port scan and then perform a nmap scan in the host with the https port open.
If you have any new idea, post it. Thanks:
Miguel
PD: I hope you will understand what i'm saying, I must improve my english knowledge