LameNerd has asked for the wisdom of the Perl Monks concerning the following question:

Is there a way for my LWP script to determine what OS the web server is running on?
  • Comment on Can I use LWP to determine the remote OS?

Replies are listed 'Best First'.
Re: Can I use LWP to determine the remote OS?
by Mr. Muskrat (Canon) on Jun 12, 2003 at 21:20 UTC

    Sort of... Provided the server provides the piece of information. You just need to parse the server information returned to you. Here's a simple example script:

    #!/usr/bin/perl -w use strict; use LWP::Simple; print server('http://www.microsoft.com'),"\n"; print server('http://www.linux.org'),"\n"; sub server { my $url = shift; my (undef,undef,undef,undef,$server) = head($url); return $server; } __DATA__ Microsoft-IIS/6.0 Apache/1.3.27 (Linux) mod_perl/1.27 mod_ssl/2.8.14 OpenSSL/0.9.7a

Re: Can I use LWP to determine the remote OS?
by dws (Chancellor) on Jun 12, 2003 at 21:15 UTC
    Is there a way for my LWP script to determine what OS the web server is running on?

    Not reliably. You can ask the web server (by issuing a HEAD request on /, or by trying to trigger a 404 error page), but there's no guarantee that what the server tells you will be true. In an infamous case a few years back, a set of FreeBSD/Apache servers were made to claim that they were running IIS on NT, all to avoid embarrassing a certain large company.

      A bit more accurate way would be to use a remote OS fingerprinting utility such as Nmap or XProbe as they rely on the properties of IP packets sent out by the OS. These too can be spoofed, but it's much less likely than changing the string your webserver reports. One disadvantage is that because these are active fingerprinting utilities, their use may be reported as an "attack" on the network if the target host is behind an IDS like Snort, so you may want to be careful or get permission first.
Re: Can I use LWP to determine the remote OS?
by arthas (Hermit) on Jun 12, 2003 at 21:23 UTC

    You can have a look at the headers of the server response, however the information will not be complete, and might even be bogus.

    Anyhow, the Server header looks something like this (tried on perl.com):

    Server: Apache/1.3.26 (Unix) PHP/4.2.1 mod_gzip/1.3.19.1a mod_perl/1.2 +7

    ...so you can guess it's Unix in this case. This is the header for perl.it:

    Server: Apache/1.3.27 (Win32)

    Hope this helps!

    Michele.