General/tcp port and similar others

When I run scans I notice that always ports appear in the report that do not have a number, such as “general/tcp”, “general/CPE-T” etc… , but I do not know how to interpret the detection of these ports.

Are they vulnerabilities detected on the scanned target or general indications about the scanner having problems? I know it sounds like a stupid question, but I have tried to search for information about these ports but I can’t find anything, I probably perform wrong searches and I wanted to get the doubt out of my mind.

Can you give me more information about these ports and what their detection means at the end of the scan?

For example, I show you the name of the vulnerabilities associated with the “general/tcp” port once I finish scanning my work environment:

  • OS Detection Consolidation and Reporting
  • Hostname Determination Reporting
  • Traceroute

How should I interpret these vulnerabilities?

The results in questions are no vulnerabilities (thus they don’t have a severity attached but just a “Log” level with a severity of 0.0), are purely informative and haven’t been found on a specific port.

As these results are not attached to a specific port on the remote system (like mentioned previously) a generic general/tcp is used for the reporting.

More info how to read a report and interpret the results within it can be found in the relevant manual entry here: 11.2.1 Reading a Report


I thank you for your reply, I tried to search the link you turned me to but I didn’t find much information about it, even searching the internet I only find the name of these directions but not actually what one should do to avoid them.

For example for the first one about identifying the OS, what would that mean in essence? Should I do something to make sure it doesn't appear in future scans?