Answer:
There are actually a wide variety of techniques and software programs available which are utilized to do this. In fact, it's even possible to do it over the Internet. See, for example, Netcraft's What's That Site Running at http://uptime.netcraft.com/up/graph
Being able to identify the type & version of software being utilized by the target sight is one of the major purposes behind the second stage of a network hack, Scanning.
The first stage of a hack is Footprinting, the process of identifying a list of network & IP addresses through using tools & techniques such as whois queries and zone transfer downloads. This provides valuable information for attackers, including employee names & phone numbers, IP address ranges, DNS servers, and mail servers.
The second stage of a hack is the process of determining what systems are alive and reachable from the Internet on the target network. Part of the process requires the attacker to have specific knowledge about the different operating systems and software commonly utilized. A variety of tools & techniques are utilized to gather information, for example ping sweeps, port scans, & automated discovery tools.
Most successful hacks require the hacker to correctly identify the software being utilized in order for him to know what the potential vulnerabilities are in the target network. You can perform what are called simple banner grabbing techniques which will grab information from such services as FTP, telenet, SMTP, HTTP, POP, and others. This is the simplest way to detect an operating system and the associated version number of the service running. Two of the best tools to help with the process are nmap & queso, which both provide TCP/IP stack fingerprinting capabilities.
For a more detailed answer providing all specifics of every step, identification of all software tools utilized by Hackers for the process, as well as instructions for using the software, see: Hacking Exposed, Network security Secrets & Solutions, by Stuart McClure & Joel Scambray, Osborne/McGraw-Hill.
First published on BankersOnline.com 3/19/01
print
share