[PLUG] determine OS bitness for remote servers

wes plug at the-wes.com
Fri Aug 26 18:08:08 UTC 2011 

I frequently do things like this by running a script to log in to a list of
servers and run a command remotely, logging the output to a file locally.

for a in $(cat serverlist);do echo "$a - ";ssh root@$a uname -m;done >
server-arch-list
(untested, this is just a concept)

-wes

On Fri, Aug 26, 2011 at 10:47 AM, Daniel Herrington <
dherrington at robertmarktech.com> wrote:

> chris (fool) mccraw wrote, On 08/26/2011 10:01 AM:
> > On Fri, Aug 26, 2011 at 09:32, Daniel Herrington
> > <dherrington at robertmarktech.com>  wrote:
> >> Yes linux, either centOs or RHEL.
> >>
> >> Problem is I don't have login access. I only have the ability to scan
> >> the server remotely.
> > an interesting conundrum.  i couldn't figure out a way to make any of
> > my services tell me that (sendmail connection header, apache version
> > #, sshd version string, etc).  i am kind of glad since hey, there's no
> > reason i'd want you to know whether i have a 64bit modern CPU or am
> > running ELKS linux on a 286 unless i was willing to tell you.
> >
> > i'm certain some services (and some configurations of some
> > services--sendmail banner is entirely config-file-user-configurable,
> > for instance) leak that info even if not explicitly. what services is
> > it running?
> The context is we're doing a data center migration that's going from
> physical to virtual, and I can't automate my virtual builds unless I
> know OS bitness (So no black hat work going on...).
>
> Customer wants to limit manual login work on the servers. End result is
> I know if it's a CentOS or RH, but no idea of services, applications,
> etc. that might be running.
>
> The one I'm testing with is running Apache, but it doesn't seem like
> Apache is leaking it's bitness. 80 and 443 are open, but the other ports
> are shut.
>
> The other problem I realized is I could be talking to the firewall or
> load balancer, and in that case I can't trust my return data.
>
> PLUS, I downloaded the OS Fingerprinting for Fun and Profit ppt, and
> learned of the IP Personality project
> (http://ippersonality.sourceforge.net/). This Linux kernel module allows
> you to spoof your OS fingerprint. If anyone is looking for ways to
> protect themselves, this seems the ideal solution. For me though, just
> another nail in the coffin of what originally looked like a promising
> solution.
>
> --
> Daniel Herrington
> Director of Field Services
> Robert Mark Technologies
> o: 651-769-2574
> m: 503-358-8575
> www.robertmark.com
>
> CA Workload Automation r11.3 is now GA. Contact us if you have any
> questions about the new release or want to discuss your company’s upgrade
> path.
>
> Follow Robert Mark on LinkedIn!
> http://www.linkedin.com/company/robert-mark-technologies/
>
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>

More information about the PLUG mailing list