Page 1 of 1

determine web server information

Posted: Tue Jul 12, 2005 3:24 pm
by Burrito
I'm interested to know how netcraft determines server information (ie server type, last reboot, webserver type) etc.

I assume this is all information sent from headers by the web server, but wondering how/if php can parse that information into something useful.

http://news.netcraft.com/ <-- in case you haven't seen it.

Posted: Tue Jul 12, 2005 4:35 pm
by pickle
Looking through this code should tell you:

http://phpsysinfo.sourceforge.net/

From what I could see, it looks like it just calls a bunch of command line programs (stuff like `uptime`) and parses the input.

Pretty cool nonetheless.

Posted: Tue Jul 12, 2005 4:44 pm
by bokehman
Apart from site reboot (which doesnt work for my site) all that info is from DNS. I tried it on my site and it doesn't try to access the web server at all. All it did was access my nameserver.

Posted: Tue Jul 12, 2005 4:45 pm
by Burrito
so how does DNS obtain that info and where would it keep it?

no DNS record I've seen has near the amount of information that I'm talking about 8O

Posted: Tue Jul 12, 2005 4:57 pm
by pickle
Things like uptime() for time, df() for disk usage, top() for proc usage, ifconfig -A for ethernet cards would be useful. I'm sure there are others but I don't wanna search for them.

Posted: Tue Jul 12, 2005 4:58 pm
by bokehman
Apart from the reboot info I can't see anything that couldn't be discovered with a few DNS requests and some whois data.

Posted: Tue Jul 12, 2005 5:53 pm
by timvw
All they do is request a page once in a while. This way, when they don't get a response, they know the server has been down. The headers the server returns are also usefull, for example

Response Headers - posting.php?mode=reply&t=35502

Code: Select all

Date: Tue, 12 Jul 2005 22:50:23 GMT
Server: Microsoft-IIS/5.0
X-Powered-By: PHP/4.3.10
...
And then there are some tools which allow you get a fingerprint of the server too like xprobe, p0f, hping, ...

Posted: Tue Jul 12, 2005 5:54 pm
by timvw
Most unices have systeminfo in their /proc (virtual filesystem).

Posted: Tue Jul 12, 2005 6:08 pm
by pickle
timvw wrote:Most unices have systeminfo in their /proc (virtual filesystem).
Just checked there on my box and there's tons of info in the different files - neato!

Posted: Tue Jul 12, 2005 6:17 pm
by bokehman
Tim, when I did a check on my site there was no activity on port 80

Posted: Tue Jul 12, 2005 6:48 pm
by timvw
Well i mentionned in my post there were other tools available too, so i looked in my bookmarks :)

http://xprobe.sourceforge.net/
http://lcamtuf.coredump.cx/p0f.shtml
http://www.hping.org/