Penetration Testing mailing list archives
RE: Getting a Machines Uptime Remotely
From: "drm" <drm () e-netaudit com>
Date: Mon, 6 Feb 2006 08:03:20 +1030
Timestamp is not a reliable method for determining the system uptime. See RFC792 which states 'the timestamp is 32 bits of milliseconds since midnight UT'. I only use timestamp as an alternative to echo when sites block echo but not timestamp - not for accurately determining how long a machine has been running. To get the system uptime of Win machines Try uptime.exe \\hostname Microsoft utility. Or Systeminfo /S hostname | @findstr "Time:" DM -----Original Message----- Subject: Getting a Machines Uptime Remotely
I'm trying to figure out how to get the uptime of a Win* machine remotely
using NMAP.
Stealth is not a concern. I've done it with *nix based OS'es before using
NMAP but never
Windows. Can anyone offer some advice on how to do this using NMAP. I've
tried a couple
different things with no results.
Do you get a TCP timestamp response at all when you scan with 'nmap -O' ? The two XP/SP2 boxes I just scanned don't give an RFC1323 timestamp response. This leads me to believe that you won't be able to do anything like this at all. Your best bet will be to set up some sort of WUG/Nagios monitoring of these hosts, probably via ping or some TCP port check, and wait for them to reboot. Once they come back up, you'll be able to track uptime. Short of that, you may be out of luck. If it's a mandate, I would look at trying to get some level of AD/local authentication access so you can use something like 'uptime.exe' (I think it ships with Win2K3, it's part of the reskit for Win2K). PaulM ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Getting a Machines Uptime Remotely Holstein, Robert - BLS CTR (Feb 02)
- Re: Getting a Machines Uptime Remotely Steve Friedl (Feb 02)
- Re: Getting a Machines Uptime Remotely Bojan Zdrnja (Feb 04)
- RE: Getting a Machines Uptime Remotely Paul Melson (Feb 05)
- RE: Getting a Machines Uptime Remotely drm (Feb 05)
- <Possible follow-ups>
- RE: Getting a Machines Uptime Remotely Holstein, Robert - BLS CTR (Feb 02)
- Re: Getting a Machines Uptime Remotely Pete Herzog (Feb 05)
- Re: Getting a Machines Uptime Remotely Erik Kamerling (Feb 05)
- Re: Getting a Machines Uptime Remotely Bojan Zdrnja (Feb 05)
- Re: Getting a Machines Uptime Remotely Pete Herzog (Feb 05)
- Re: Getting a Machines Uptime Remotely ROB DIXON (Feb 05)
- RE: Getting a Machines Uptime Remotely Ray Sawyer (Feb 05)