I need to check if remote host is Windows or Unix/Linux.
I can't assume that it has web server configured.
All I can do is to try to connect to several TCP or UDP services.
Which TCP services (TCP port numbers) usually will be opened on Windows and not on Unix/Linux and vise versa?
The other way is to try to ssh to it, and if it fails assume that it Windows host. The problem is, that I need this in order to choose the remote access method ssh or something Windows friendly like psexec.
You can read the output of nmap to detect which OS a remote host is running. It has a whole module dedicated to this. Here is a guide to using it.
Why not just try to connect one way, and if that fails, connect the other way, and if neither work, tell the user?
If that's all you're trying to do, there's no need to actually check the OS.
This is not an easy thing to answer with any degree of certainty as there are very few ports that will always be open on one OS but not on another.
You could try some/all of the following
80 http obviously
22,23 Telnet and SSH (Not usually open on windows, one at least usually open on *nix)
135 Used by WMI so often open on windows
1443 (Possibly SQL Server)
691 Used by MS Exchange routing
3389 MS Remote Desktop
I would suggest that scanning ranges of ports may lead you into trouble particularly if these are not your machines. You may find your IP address logged as a possible source of "Port Scanners"
There are some fairly extensive lists of ports available on the web. e.g. http://keir.net/portlist.html
Related
I have a client who is remote. I need to debug some weird problem that none of my other clients are having. Before I try and set up a conference with this client, I would like to know if there is some way of remotely debugging our application.
I see that there are remote debugging tools available for Visual Studio, but from what I've read, I need to be on the same subnet. As the person is remote, this is not a possibility. Also, as I'd like to keep our connection secure, I would need to connect up some sort of encrypted tunnel (this is where I'm a little fuzzy as my networking skills are mostly theoretical).
As I understand it, an encrypted tunnel is a bridge to another (different) subnet. This is to ensure that those computers on the other side won't interfere with the local subnet computers.
So, because the client's computer is on a different subnet, I think that this is not possible. Or is it? Should there not be a way of making the client's computer show up as a virtual computer on my subnet, by forwarding packets from one subnet to another? I would think that this is theoretically possible, but I'm not exactly sure how I would go about this.
Also, at the moment, my current way that we connect to clients is through GoToMeeting, but I don't think that it supports tunneling. If not, then I may need some way of generating a tunnel, so I was also thinking of maybe using some SSH programme like PuTTY.
As I have said before, my knowledge of networking is quite theoretical, so if the tools that I am suggesting are not the correct ones, please correct me. (I'm a programmer, damm it! Not a network engineer!)
Both computers are Windows boxes. Windows 10 (client) and Windows 8.1 (development).
If you can connect to an ssh server in the remote network, you can (subject to configuration on the server) create a tunnel such that you connect to a socket on your local pic and the connection appears from the server to an endpoint on the remote network.
You'll want to investigate the -L command of OpenSSH, which combined with the PuTTY docs, should help explain what's required.
By default, the endpoint would be a port on the ssh server, but it could be a port on a different host that the remote server can connect to.
I'm not familiar with the current state of Windows SSH servers, but even if there isn't a system server to hand, you should be able to have on run 'on demand' - if you run it on a non-privileged port and by the user you want to connect in as, it shouldn't even need Admin privileges.
I'm not familiar with GoToMeeting, but the one thing with SSH tunnelling it that IT depts should be familiar with SSH. If trying that, focus on getting a working connection in, then setting up the tunnel, then connecting through it as separate steps.
Once you have an SSH connection, then it doesn't need to do something itself, and you can then investigate connecting while specifying the port forwarding, but will will need to get the basic connection working correctly first.
I am using Putty to ssh into some of the servers that I work on. I am able to connect all others except the one. Although I was able to connect to it before. Whenever I try connecting to it, it always give me error:
Unable to open connection on myhost: Host does not exist
My firewall is off and I have even re-installed putty but that did not fix it. When I tried connecting to the same server using putty on some other windows system, I was able to do so. I searched regarding this on Internet but did not find much relevant.
I am running putty on Windows 7.
What can be the possible issue?
As I understand you have three computers involved. At the same time one connection is working and the other one fails. So we can exclude that the ssh daemon on your linux box is hanging.
In lack of knowing their real names I will call your computers linuxbox (this is the computer you want to ssh into), win7ok (that is the computer that you are able to ssh from using putty) and win7fail (that obviously is the computer you can't connect from).
Please do a tracert from both Win7 computers:
tracert linuxbox.your.domain
tracert linuxbox
Add the results to your question as it will help us find out what is happening.
Perhaps it is also a good idea to determine the ip address of the linuxbox from win7ok:
ping linuxbox
or
nslookup linuxbox
Then try to connect from win7fail by using the ip address of the target computer, perhaps it is only a DNS problem (which might be as nmap is failing too).
To make all of this easier to understand for us please provide the real names of the computers as you use them in putty.
For me the problem was with the Url of the reposity. Check remote URL. It must start with git#github.com, not https://.
I used nslookup and then used the ip address it gave me to connect and it worked
I had a similar problem with GitExtensions. The solution was to remove the https url and replace it with git#gitlab....
WRONG:
GOOD:
I just went through this. I have a Cisco VPN I need to use to get through to the Linux machine I wanted to login to and check.
No Putty session would get through using the machines name.
An nslookup on the windows machine yielded the correct address.
I too connected right in via the ip address.
I tried to Google the error and it failed, so I suspected the wireless.
Disconnected and reconnected my WiFi and all was good.
I did it fast enough that open connections stayed open.
And new connections refering to DNS names worked fine.
Seems like maybe some cached DNS addresses were stale.
Your DNS cache stores the locations (IP addresses) of web servers that contain web pages which you have recently viewed. If the location of the web server changes before the entry in your DNS cache updates, you can no longer access the site.
Following CLI command will do the trick:
ipconfig /flushdns
I'm trying to install Oracle 11g from scratch on an AWS Linux machine. In order to do so, I believe I'm required to enable X forwarding so I can use the graphical installation. I have never been good with X server/client situtations.
Setup:
cygwin64 (local)
NAT instance (Amazon)
Linux instance in private subnet accessible through said NAT (Amazon)
I'd like to forward the Oracle installation from the Linux instance through the NAT and to my local machine. Any help would be appreciated. I'm happy to provide more information, especially since I haven't provided much so far. I'd also love to hear that I'm going about this all wrong and that it's easy to install Oracle from the command line.
The client and server seem "backwards" in the world of X, because your workstation is the "server," providing the service of a display device and keyboard/mouse... while the program you are running, often remotely, is the "client," using those display and input devices services.
So the program you want to run needs to be able to connect "backwards" to your machine, but you can forget, for a moment, about the NAT aspect, because that's not directly relevant. The important thing is that you have a way to establish a chain of SSH connections from end to end, and that should be all you'd need, because SSH does the work. No firewalls were harmed in the answering of this question.
I don't know what kind of SSH utility cygwin has, but it will presumably be comparable. I tested the following first when end to end Linux, and then by replacing "ssh" with "\Program Files (x86)\PuTTY\putty.exe" on a Windows 7 desktop machine for the workstation. Both scenarios worked as expected, and the arguments are conveniently the same.
We'll call the NAT machine hostname "natbox" and the database "databox".
On your local machine, your X server is presumably listening on port 6000, so we need to get traffic back to it.
workstation $ ssh -R 127.0.0.1:5555:127.0.0.1:6000 natbox
I chose 5555 arbitrarily, but any unused value above 1024 should work. You could also use 6000 also but it makes the example even more counter-intuitive than it already is.
The first IP/port pair 127.0.0.1:5555 refers to the remote machine (natbox). Your SSH session will open a socket listening on port 5555 of the the loopback interface on the remote machine. The second IP/port pair 127.0.0.1:6000 refers to your workstation, which is the place the traffic is to return to. Connections to port 5555 on "natbox" will be tunneled back on your workstation, where an attempt will be made to connect to your local port 6000.
natbox $
So now we're logged in to natbox, and the tunnel is half-built.
natbox $ ssh -R 127.0.0.1:6000:127.0.0.1:5555 databox
This makes an SSH connection to "databox" where it opens up a listen socket on that server's port 6000 bound to the loopback address. Connections hitting that port will be sent back down the ssh connection to "natbox" where they will try to connect to natbox's port 5555... which, in the prior step, we already have linked back to your workstation's port 6000 -- your X server.
databox $ export DISPLAY=:0.0
databox $
Done.
Any X client program run on "databox" will try to connect to the local machine's display '0' on port 6000... which should end up back at your console.
databox $ xterm
This should open up a terminal window from "databox" on your local display. You don't need this, but it's probably going to be easier to verify and troubleshoot the X setup without dragging the Oracle componentry into the mix.
Note, the first reference to 127.0.0.1 (and the : between it and the first port number) on the ssh -R option are actually implicit, but I included them because it seems slightly less counter-intuitive to me. It is also possible to set this up in a cascade on a single command line, by providing the "command to execute" on the intermediate machine as the final argument to "ssh" on the local machine, as long as you add a -t to the first ssh so that it knows you want a tty end-to-end... but it was already complicated enough, so I didn't include that.
I would like to implement a little tool that lets me do on Windows what I can already do easily on any other OS - specify a remote SMB server by both IP address and port. Natively, Windows will not do SMB over any ports other than 445 or 139 (its choice), and I'm sick of playing whack-a-mole with workarounds for the various Bad Things that Microsoft keeps adding to Windows to fsck up tunnelling SMB over SSH port forwarding.
What I have in mind is a little command line app that would let me do something like
netsubst servername -i IP -p PORT
This would work hand in hand with a driver? dll? that hooks into Windows as an SMB redirector, but scans a table of server names set up by netsubst instead of looking them up on the network in order to find out what to connect to. So I'd be able to do
net use X: //servername/sharename /user:username *
in the usual way, except that instead of Windows looking for //servername on ports 445 or 139 of whatever machines it could find, it would go straight to address IP, port PORT; and if IP happened to be 127.0.0.1 and PORT happened to be something forwarded to somewhere else via ssh, it would All Just Work and I would no longer need to deal with the walls of stupid that Windows puts around access to localhost ports 139 and 445.
I figure what I need is something akin to the //vboxsvr guest addition that VirtualBox uses to do host file sharing, but probably rather simpler since it wouldn't need a full back end - in my ideal world, the only Windows functionality I'd need to replace is the part that establishes the initial connection to the remote SMB server. But before I start tearing into the VirtualBox source code, can somebody suggest an easier way to get this done, or perhaps point me to Microsoft documentation on implementing SMB redirectors?
\\server#port\share is a valid syntax for WebDAV. The moment you put the #port in the UNC path notation, net use changes from SMB to WebDAV. You cannot change the port SMB is using.
--Ben
Writing a driver is not easy; it requires a lot of domain specific knowledge. Here are some links to get started:
How to Write a Windows Driver
Develop a Windows Driver
WDK Documentation on MSDN
Good luck.
You might also find this (PDF) helpful.
You may need to implement a network redirector by yourself.
Looking TalAloni's SMBLibrary note and PcapDotNet , that can make some help.
net use * \\servername#XXXX\ where XXXX is a port number.
I've jast checked it on Windows 7. So it works perfect
I have a program consisting of a server and a client processes. Both run on Windows systems - Windows 2000 or later versions. The two processes can run on the same machine or on two different machines.
How can the client determine if it is run on the same machine as the server? If the server is not running the client can't work anyway and doesn't care where the server possibly is - so this case is out of the question. I've heard that each Windows machine has an UUID - can I obtain it and use for that purpose?
Windows networking requires computer names to be unique, so calling the GetComputerName api and having the client and server swap names (and compare the received name to the name they see) should suffice. If the client and server can start up independently of one another then you'll need some sort of protocol for this process. It seems logical for the client to initiate the exchange, and the server to only send its name when it has received a name from a client. The client can then abort the connection if it sees the same name.
I believe most virtual machine systems will allow the virtual machine to have its own name, so it should still be possible for you to test on virtual machines. However I don't have extensive experience of all the virtualisation technologies out there, so can't say for sure.
Previous question about generating a unique machine id that might help.
Link to previous answer which mentions MachineGUID
It is straightforward to add an API to the server that reports its machine name. The environment variable is COMPUTERNAME. The client could check that, right?
Do you need to deal with any of these cases?
The client is running, but the server is not responding, and you want to know whether the unresponsive server is on a remote machine.
The client and the server are running in two distinct virtual machines on the same host machine, and you want to report that as "running on the same machine."
The client is running in a virtual machine hosted by the same machine as the server is running on, and you want to report that as "running on the same machine."
The client and the server are running on uncoordinated networks and both might have been assigned the same name.
The server is possibly hostile, and will attempt to deceive the client.
The network card will have a unique MAC. If both server and client report the same MAC then they are using the same network card. If both client and server are running in different virtual machines but using the same network card, do you consider them running on the same machine or different machines?
how about trying to establish a loopback tcp connection? or maybe checking for some lock file created by the server in a predefined folder...
I don't know exactly how, but there's for sure something equivalent in Win32 to the /proc filesystem in Unix (I think there are free replacements for the windows taskmanager, maybe you could look at their sources) where you could search for your server process.