Solved

Detect OS name and version from external

Posted on 2009-04-15
5
317 Views
Last Modified: 2013-12-27
Is there a way to detect the OS name and version before login to the system? If it does, is there way to prevent it?
0
Comment
Question by:gs_kanata
  • 3
  • 2
5 Comments
 
LVL 22

Accepted Solution

by:
blu earned 400 total points
ID: 24149735
Depends. It used to be obvious, but for security reasons it has systematically been made less so. It used to be that many network services had banners that included the OS type and rev. Then those banners became configurable. Then they
stopped having the type and rev info at all. Nowadays, I don't think there is any banner that will tell you much in an obvious manner by default.

However, there have been great strides made in system "fingerprinting", i.e. identifying a system type and rev via remotely visible system behavior. The nmap program, for instance can do this automatically.

Once in a while bug are fixed to further obscure the fingerprints and make it ever harder. But it is a doomed quest, not worth the resources. Sure, you might not want to make it obvious, but you get diminishing returns. Consider what you are trying to hide and why.
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 100 total points
ID: 24150352
Login prompt for telnet is in /etc/issue.net
You can run some TCP fingerprinting on client
Also SNMP is of help.
Just keep it all in legitimate borders.
0
 
LVL 22

Expert Comment

by:blu
ID: 24150880
>Login prompt for telnet is in /etc/issue.net

Not on Solaris it isn't
0
 
LVL 61

Expert Comment

by:gheist
ID: 24150928
By POSIX it is..
0
 
LVL 22

Expert Comment

by:blu
ID: 24151168
Really? I just did a full search at the opengroup.org website, and there are no hits on /etc/issue.net. But that is moot, since the one of the zones for this question is Solaris, and Solaris doesn't use /etc/issue.net.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now