Solved

How to determine a Linux machine on a mixed network?

Posted on 2011-03-01
7
264 Views
Last Modified: 2012-05-11
Experts,

      I have a Powershell script that based on the network OS, a specific script will run to change users password. I have the MS OS's figured out. How do I determine that the computer entered is a Linux? Below is the Powershell script I have written so far...
$strComputer = Read-Host "Enter Computer Name"
$OS = Get-WmiObject -Class win32_OperatingSystem -namespace "root\CIMV2" `
-ComputerName $strComputer

# if statement to run code for Windows XP and Windows 2003 Server.
if (($OS.Version -eq "5.1.2600") -or ($OS.Version -eq "5.2.3790"))
{
write-host "Computer Name: " $strComputer
#nested if statement
if ($OS.Version -eq "5.1.2600") {
write-host "OS Version: Windows XP"
.\PromptReset.ps1
}
elseif ($OS.Version -eq "5.2.3790") 
{
write-host "OS Version: Windows 2003"
.\PromptReset.ps1
}
write-host "Description: " $objPrinter.Description
write-host
}
}
# if statement to run code for Windows 2000 Server
#elseif ($OS.Version -eq "5.0.2195")
#{
#write-host "Computer Name: " $strComputer
#write-host "OS Version: Windows 2000 Server"
#$colPrinters = Get-WmiObject -Class win32_PrintJob -namespace "root\CIMV2" `
#-computername $strComputer
##foreach ($objPrinter in $colPrinters) {
#write-host "Name: " $objPrinter.Name
#write-host "Description: " $objPrinter.Description
#write-host
#}
#}

# if OS not identified
else {write-host "The OS for: $strComputer is not a Windows OS."}
write-host "–END OF REPORT–"

Open in new window

0
Comment
Question by:missymadi
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 76

Expert Comment

by:arnold
ID: 35012030
You will not be able to connect to the resources you are trying to access which would mean either the system is non-windows or it has a firewall on without an exception to allow access to 445/139/etc.

0
 

Author Comment

by:missymadi
ID: 35012139
I'm not sure I understand your response....

I wanted to test for a Linux box, .... maybe one solution would be to see if port 22 is open(ssh) if this port is open then it is Linux and I can connect and run the script that is local on the Linux box.

Is there another way to determine if a network computer is Linux. I know that hacking software uses some sort of tool to determine the OS.  
0
 
LVL 76

Accepted Solution

by:
arnold earned 250 total points
ID: 35012521
port 22 is one check, but there are ways to enable ssh access on a windows system as well.
there are ways to check OS based on a tcp packet and analyzing the responses for OS signatures.
All these checks are limited by the firewall settings if enabled.

You could connect to port 80 and get information that way as well.
HEAD / HTTP/1.0

Note this will require that the http service is running and it was not configured to masquerade i.e. only report that it is running apache without version/OS designation in the Server: HTTP response.
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 9

Assisted Solution

by:expert_tanmay
expert_tanmay earned 250 total points
ID: 35013807
You may use NMAP it is a open source tool, it has OS detection plus many more goodies. It detects the OS by using TCP/IP stack fingerprinting. It sends many TCP/UDP packets and tries to guess the OS based on their responce. Please visit http://nmap.org/book/man-os-detection.html

Cheers ..
0
 
LVL 1

Expert Comment

by:mbkirk
ID: 35015907
A firewall will defeat nmap if ping is disabled.  

Basically, unless the remote server has security holes you're going to need a means of securely logging into it to running software or of connecting to a service it provides.  You could run an ssh server on it and use the command set it provides - that software is available for most platforms.  

If your goal is to update passwords would you be better off with something like a windows acrive directory and using kerberos, samba, or "windows services for unix" (if that still exists)?  This is an infrastructure change and as such may be a much bigger deal than what you're prodposing.

There was also a Web Services management protocol under development at some point.  I don't know what happened to it in the end, but I know Microsoft had a version, and it was being developed for Linux too.
0
 
LVL 9

Expert Comment

by:expert_tanmay
ID: 35022101
@mbkuk first of all the user has not mentioned any thing about a firewall. Also please note that NMAP does not work on ping. You may please read about advanced tcp/ip packet structures and how flags are used in packets. We are not talking about packets with SYN flag on where a firewall can block. There are plenty of documentation on NMAP in nmap.org please read them if you have deep understanding of tcp/ip..
0
 
LVL 1

Expert Comment

by:mbkirk
ID: 35022633
You're right, he didn't say.   My point is that if he wants to log in remotely to boxes to update passwords he's better off using something designed for managing installations.  He doesn't say what his full task is, only asks how he can make his software work.  Maybe he's really solving the problem he needs to solve, and maybe not.  

And you're right nmap doesn't only use ping - it was the end of a long day and I was going a bit too fast.  A halfway-decent firewall of the sort that most windows IT installations use will defeat nmap's "IP stack fingerprinting" and most of its other tools.   The machine simply will simply drop the packets.   On the linux side a halfway decent iptables configuration will defeat it as well.

0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
AWS EC2 Linux 1 32
Replacing a switch in a 3com 5500 switch stack 2 42
Security Alert 2 42
iPad Won't Connect 16 34
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now