Home page logo

basics logo Security Basics mailing list archives

RE: Win95 detection
From: "Jeff Gercken" <JeffG () kizan com>
Date: Thu, 2 Dec 2004 14:26:38 -0500

Can you email your user base a link to the script and have them execute
it? Or can you just ask them to look at the side of the start menu and
report what they have?

Why not use this as the motivator to upgrade to a better OS? I mean,

Other fingerprinting tools that haven't been mentioned:


-----Original Message-----
From: Samuel Petreski [mailto:petreski () ksu edu] 
Sent: Thursday, December 02, 2004 10:49 AM
To: Jeff Gercken
Cc: security-basics () securityfocus com
Subject: RE: Win95 detection

Great suggestions all, however these hosts are NOT part of a domain, and
they are not managed. I have to do it remotely without admin access to

GFI Languard seemed promising, but all it could detect was as Windows 98

I need to be able to fingerprint them because Symantec announced that
are not going to support Norton Antivirus v7.6 which is the latest
that runs on Win95 after March 2005.


Samuel Petreski
Network Systems Analyst
Computing and Network Services
Kansas State University
(785) 532-4943
petreski () ksu edu 
-----Original Message-----
From: Jeff Gercken [mailto:JeffG () kizan com] 
Sent: Thursday, December 02, 2004 9:32 AM
To: petreski () ksu edu
Cc: security-basics () securityfocus com
Subject: RE: Win95 detection

Use gettype.exe from the MS Resource Kits.  There are two versions, one
for 9x & NT, the other for 2k, xp and up.


Host Name:   spork
Name:        Windows XP Professional
Version:     5.1 Build 2600 Service Pack 1
Role:        Workgroup
Components:  Not Installed

Alternatively you can use ver, which is built into the command shell but
you may have spotty results with this method.

To execute them you should use psexec from sysinternals and remotely run
a batch file that you'll create.

Contents of file: checkver.bat
net use b: \\computer\share
ver > b:\%computername%.txt (or b:\gettype > b:\%computername%.txt)
net use /delete b:

Then run the following command against all your workstations:
psexec \\<wokstation> -low -u <admin account> -p <passwd> -c

OS fingerprinting is great but if you HAVE credentials on your boxes why
not use em?

-----Original Message-----
From: Trevor Cushen [mailto:Trevor.Cushen () sysnet ie] 
Sent: Wednesday, December 01, 2004 4:59 AM
To: petreski () ksu edu
Cc: security-basics () securityfocus com
Subject: RE: Win95 detection

Have you tried a login script to do the job for you?  Kix32 is perfect
for this job.

-----Original Message-----
From: Samuel Petreski [mailto:petreski () ksu edu]
Sent: 30 November 2004 21:53
To: security-basics () securityfocus com
Subject: Win95 detection

I have been given the task to scan for hosts that are running Windows 95
the network. I have tried scanning with Nmap and Nessus, however they
distinguish the hosts between 95/98/ME. I was wondering if anyone has
across a tool that is able to detect Win95 hosts on the network.

Thanks for your help.

Samuel Petreski

This email and its attachments are solely for the attention of
petreski () ksu edu   
Please contact Trevor.Cushen () sysnet ie if you receive this mail in

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]