Re: Getting a Machines Uptime Remotely

From: ROB DIXON (rdixon@workforcewv.org)
Date: Fri Feb 03 2006 - 15:21:23 EST


Are you on the local subnet with these machines?

Robert L. Dixon, CSO
CHFI A+
Netware/GroupWise Administrator
State of West Virginia's
Office of Techonology
Infrastructure Applications
Telephone: (304)-558-5472 ex.4225
Cellphone: (304)-549-2068
Email:rdixon@workforcewv.org
>>> Steve Friedl <steve@unixwiz.net> >>>
On Wed, Feb 01, 2006 at 10:18:06AM -0500, Holstein, Robert - BLS CTR wrote:
> I'm trying to figure out how to get the uptime of a Win* machine
> remotely using NMAP. Stealth is not a concern. I've done it with *nix
> based OS'es before using NMAP but never Windows. Can anyone offer some
> advice on how to do this using NMAP. I've tried a couple different
> things with no results.

There are two ways I can think of to get the uptime remotely, though
neither with nmap.

1) via SNMP: the sysUpTime.0 OID is the number of 100ths of a second since
   boot. This has a 497-day limit before the 32-bit counter wraps around,
   but if it's a Windows machine I doubt you'll run into that ;-)

2) I'm sure there's an RPC type query which returns this information, but
   it surely requires a network credential.

Steve

---
Stephen J Friedl | Security Consultant | UNIX Wizard | +1 714 544-6561
www.unixwiz.net | Tustin, Calif. USA | Microsoft MVP | steve@unixwiz.net

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:26 EDT