× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Here is a tool that you can get.
http://grc.com/id/idserve.htm

---
Doug Hart



midrange-l-bounces@xxxxxxxxxxxx wrote:
> HA!  You know what? I didn't even think about the fact that people
> would try to hide their OS to prevent hacking.  DUH! I was just
> curious in a more academic way about what OS's different sites were
> running. 
> 
> As always Scott, you provided an answer that contained not only the
> answer to the question, but so much more that we wouldn't even have
> ever considered, but which is really good information regardless and
> gets a person to thinking about things in a different way.
> 
> Thanks!
> 
> 
> Shannon O'Donnell
> 
> 
> 
> 
> -----Original Message-----
> From: midrange-l-bounces@xxxxxxxxxxxx
> [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Scott Klement
> Sent: Sunday, May 09, 2004 2:24 PM
> To: Midrange Systems Technical Discussion
> Subject: RE: Determining Operating System or Hardware via the Internet
> 
> 
> Hi Shannon,
> 
>> Thanks for the responses.  I wasn't clear in what I was trying to do.
>> I would like to know if there is some way that I can tell what OS or
>> hardware a website is running on if all I know is the URL or the IP
>> address.  Maybe a command like TRACERT or PING or something?  Or a
>> port scanner possibly? 
> 
> Most of the time people try to make sure you CAN'T find out what OS or
> platform they're running!!  Almost all published security holes rely
> on you running a particular operating system-- therefore the very
> first thing a hacker will do is try to detect what operating system
> and platform you're running.  Once they've determined that, they can
> see what the known security holes are for that operating system and
> look for one that is exploitable on your system.
> 
> You might try something like Nmap or Queso (if Queso is still around??
> it's homepage appears to be gone...)
> More about Nmap is here: http://www.insecure.org/nmap/
> 
> They use a technique known as "TCP/IP fingerprinting" which relies on
> quirks in the OS to determine which OS it's running.  For example,
> you might send an invalid sequence of IP packets that make no sense.
> (such as SYN, SYN+ACK, FIN, FIN+ACK, SYN+FIN, PSH, SYN+XXX+YYY where
> XXX and YYY 
> are unused flags)   Since the standards don't define what should be
> done 
> in response, different OSes do different things.   By using a table of
> which OSes give which types of responses, they try to detect what the
> OS must be.
> 
> If you click on the "OS Detection" link on the Nmap web site (above)
> you'll get more details on why OS detection is important for
> security, and how it works, etc.
> 
> Naturally, a well designed firewall will prevent this sort of thing. 
> And NAT may very well change the behavior, so it's not completely
> reliable. 
> 
> 
>> I'm just trying to guess what some websites are using as a web
>> server. It's not that important, really.  It just occurred to me to
>> wonder 
>> what places like Ebay and YAHOO were using for OS software and
>> computing hardware. 
> 
> I can tell you that Yahoo! runs FreeBSD.  Here's an article about it:
> http://www.ictp.trieste.it/~cfonda/sudan/OSs/references/freeBSD/Yahoo_and_Fr
> eeBSD.html
> 
> Ebay runs Windows -- which was well known a few years ago when they
> had a lot of problems with the systems going down and having to be
> restored from backups :)  Nowadays they've enlisted IBM's help in
> making it stay up. http://pages.ebay.com/ebay_IBM.html
> 
> Also, the server-string reported by the HTTP servers on the large
> sites may give away what operating system they're running. 
> Netcraft.com allows you to look this sort of thing up.  Especially
> for the large sites. http://www.netcraft.com/whats
> 
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L)
> mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To
> subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take
> a moment to review the archives at
> http://archive.midrange.com/midrange-l. 
> 
> 
> 
> 
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L)
> mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.