Is there a reliable way to detect OS of the network hosts from linux workstation?

Question

How to detect OS of running computers on the network.

We use linux. I want to write wrapper on the python, which will periodically scan network and write results to google spreadsheet. I tried nmap -O and -A, but unfortunately this commands in not reliable. Because

It's depend on running services and nmap database of fingerprints.
If there are no fingerprints in installed nmap database - scanner cannot determine OS version.

Is there no reliable os detection method for windows/linux hosts with free tools?

computers can return any info they want so you could never accurately guarantee which `OS` type, and this is done on many servers whereby they'll purposely give you incorrect info to throw you off — gwillie, Aug 25 '15 at 08:11
I understand this of course. I want to use this in LAN, where this problem does not exist. — vskubriev, Aug 25 '15 at 08:28
If you use a [recent version of Nmap](https://nmap.org/download.html) then it is very unlikely it will not have a fingerprint. If it does not, you can [submit one](https://nmap.org/book/osdetect-unidentified.html) and we'll add it. — bonsaiviking, Aug 25 '15 at 12:55

score 2 · Answer 1 · answered Aug 25 '15 at 08:22

You can use pof - a passive operating system detection.

P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).

Thank you. That's a good tool, but it's very complicated. I will continue to study it. — vskubriev, Aug 25 '15 at 10:08

score 2 · Accepted Answer · answered Aug 25 '15 at 10:15

2

Here's a list of what you can read into:

you could ssh in and use uname -o
use you can use ping to sort determine OS, nice link for some OS's here.
if your machines are stock then just use nmap, it is the definitive project for this.
or you can read into IP Stack Fingerprinting and have a machine intercept packets.

answered Aug 25 '15 at 10:15

gwillie

231
1
9

Thank you. I decided to do it manually, because there is no easy way. – vskubriev Aug 26 '15 at 07:56

Is there a reliable way to detect OS of the network hosts from linux workstation?

2 Answers2