Hey,

Is there any ways to know about a webhosting server is LINUX based or Windows based?

Lemme explain, Somebody has hosted a www.abc.com at somewhere. How can I know whether it is in an Apache or IIS? Any tools or anything?

Thanks,
Manu

http://www.info-x.co.uk/netools/netools.asp?tool=1

its all in the headers :-)

heres 2 ideas,

hxxp://news.netcraft.com/

httpb.exe (http banner scanner by uhhuhy)

If you telnet to the site, telnet www.site.com 80 , you'll get a blank screen, then type anything and press enter, it will give you an error, and in the error will be the name of the server.

Prefix

banner scannning with scanline or any other banner-scanner should do the job

Get.txt
contain head / http/1.0 and two returns, or just two returns
nc -vvn ip<Get.txt
You will see
(UNKNOWN) [IP] 80 (?) open
HTTP/1.1 400 Bad Request
Server: Microsoft-IIS/5.0
Date: Tue, 13 Apr 2004 14:40:32 GMT
Content-Type: text/html
Content-Length: 87

That was an excellent link Andys.. Thanks a million.. Thanks to all others too.. Got what i want..

Manu

Never trust what you see or received. You might never know if it's real!

I have a program called OSFP. Operating System Finger Printer. I would attach it but i do not yet have that option i am sure some googling for thins program would give you many results. However if you cannot find this program tell me and ill will put it on my website or find the website i got it from. This program works for all computers personal and webservers. It uses open ports and analyzes there responses. Of course if there are no open ports then it wont work, but it usually does.

Also, if your machine runs linux or you have a linux machine, consider installing nmap. To use: nmap -vvO [ip address] This doesnt always give a good answer, but can be very accurate depending on which ports are open.

blaaaaa goood discusssion

http://www.blunck.info/iehttpheaders.html

here's a header viewer that integrates with IE

Server Robot from 8th Wonder is what I use:

http://www.8th-wonder.net/dl.asp?id=srobot_full.zip

Im not 100% Sure, but i think on Mandrake Linux (Konqueror) is option where you can view headers im sure that there is cookie viewer, it's useful ...sometimes

nmap is the best one for this issue but it's slow.

Make port scan and grab all banners. (fscan is good from foundstone)
After that you analyze remote system ports, if it's a web server you can check server headers (they can change it if they smart enough) to determine remote system.

Also some ports just opens in windows for example you can see 139 netbios port in windows also if you're seeing ssh ports you can define remote system as linux (%90) etc.

For web servers, I like using Netcraft. It's been pretty accurate when I was looking for info.

Also, just because a site is running SSH doesn't mean that the site is a Linux Box. It could be anything. There are SSH servers for Windows (There are a lot of companies using SSH that do not use OpenSSH).