Princípios em Segurança da Informação

Tamanho: px

Começar a partir da página:

Download "Princípios em Segurança da Informação"

Melissa Prada Sabrosa
7 Há anos
Visualizações:

1 Atividade realizada: Princípios em Segurança da Informação Produzir Um relatório com todos os dados gerados a partir da identificação de serviços e portas abertas na rede. Método de uso: O Nmap ( Network Mapper ) uma ferramenta de código aberto para exploração de rede e auditoria de segurança. Ela foi desenhada para escanear rapidamente redes amplas, embora também funcione muito bem contra hosts individuais. O Nmap utiliza pacotes IP em estado bruto (raw) de maneira inovadora para determinar quais hosts estão disponíveis na rede, quais serviços (nome da aplicação e versão) os hosts oferecem, quais sistemas operacionais (e versões de SO) eles estão executando, que tipos de filtro de pacotes/firewalls estão em uso, e dezenas de outras características. Embora o Nmap seja normalmente utilizado para auditorias de segurança, muitos administradores de sistemas e rede consideram-no útil para tarefas rotineiras tais como inventário de rede, gerenciamento de serviços de atualização agendados, e monitoramento de host ou disponibilidade de serviço. Comandos Usados para o escaneamento: Nmap- Ultiliza-se como Comando mestre para o inicio do Network Scan/Map. -ss- TCP SYN scan: Técnica também conhecida como half-open, pois não abre uma conexão TCP completa. É enviado um pacote SYN, como se ele fosse uma conexão real e aguarda uma resposta. Caso um pacote SYN-ACK seja recebido, a porta está aberta, enquanto um como resposta indica que a porta está fechada. A vantagem dessa abordagem é que poucos irão detectar esse scanning de portas. sv- Version detection: Após as portas TCP e/ou UDP serem descobertas por algum dos métodos, o nmap irá determinar qual o serviço está rodando atualmente. O arquivo nmapservice-probes é utilizado para determinar tipos de protocolos, nome da aplicação, número da versão e outros detalhes. Abaixo segue-se o relatório da rede com suas portas abertas. StartingNmap 6.47 ( ) at :51 BRST Nmap scan report for Host is up (0.027s latency). 23/tcpopen telnet 80/tcpopen http Nmap scan report for Host is up (0.0011s latency).

Ela foi desenhada para escanear rapidamente redes amplas, embora também funcione muito bem contra hosts individuais.

2 Nmap scan report for Host is up (0.0011s latency). Nmap scan report for Host is up (0.0012s latency). Nmap scan report for Host is up (0.0011s latency) /tcpopen unknown Nmap scan report for Host is up (0.0012s latency).

Nmap scan report for 192.168.8.105 Host is up (0.0011s latency).

3 Nmap scan report for Host is up (0.0013s latency). Nmap scan report for Host is up ( s latency). All 1000 scanned ports on are filtered Nmap scan report for Host is up (0.0012s latency). Nmap scan report for Host is up ( s latency). Not shown: 986 closed ports 3306/tcp openmysql 5432/tcp openpostgresql

168.8.130 Host is up (0.0012s latency). Nmap scan report for 192.168.8.131 Host is up (0.

4 49152/tcpopen unknown 49153/tcpopen unknown 49154/tcpopen unknown 49156/tcpopen unknown 49159/tcpopen unknown Nmap scan report for Host is up (0.0030s latency). Nmap scan report for Host is up (0.0031s latency). Nmap scan report for Host is up (0.0075s latency). Nmap scan report for Host is up (0.010s latency). All 1000 scanned ports on are closed Nmap scan report for Host is up (0.025s latency). 23/tcpopen telnet 80/tcpopen http Starting Nmap 6.40 ( ) at :26 BRST Nmap scan report for Host is up (0.083s latency). 23/tcpopen telnet 80/tcpopen http Starting Nmap 6.40 ( ) at :26 BRST Nmap scan report for H3s latency).

All 1000 scanned ports on 192.168.40.23 are closed Nmap scan report for 192.168.40.25 Host is up (0.025s latency). 23/tcpopen telnet 80/tcpopen http Starting Nmap 6.40 ( http://nmap.

5 Not shown: 989 ost is up (0.004closed ports 22/tcp open ssh 53/tcp open domain 80/tcp open http 443/tcp open https 1056/tcp filtered vfo 5432/tcp open postgresql 8080/tcp open http-proxy 8081/tcp open blackice-icecap 8082/tcp open blackice-alerts 8090/tcp open unknown Starting Nmap 6.40 ( ) at :27 BRST Nmap scan report for Host is up (0.015s latency). Not shown: 990 closed ports 8081/tcp openblackice-icecap 49152/tcpopen unknown 49153/tcpopen unknown 49154/tcpopen unknown 49157/tcpopen unknown 49160/tcpopen unknown Starting Nmap 6.40 ( ) at :27 BRST Nmap scan report for Host is up (0.0024s latency). Starting Nmap 6.40 ( ) at :27 BRST Nmap scan report for Host is up (0.0019s latency). Starting Nmap 6.40 ( ) at :28 BRST Nmap scan report for Host is up (0.011s latency). All 1000 scanned ports on are closed Starting Nmap 6.40 ( ) at :28 BRST Nmap scan report for Host is up (0.018s latency).

open blackice-alerts 8090/tcp open unknown Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:27 BRST Nmap scan report for 192.168.40.5 Host is up (0.015s latency).

6 23/tcpopen telnet 80/tcpopen http Starting Nmap 6.40 ( ) at :28 BRST Nmap scan report for Host is up (0.011s latency). All 1000 scanned ports on are closed Starting Nmap 6.40 ( ) at :28 BRST Nmap scan report for Host is up (0.0048s latency). Not shown: 999 closed ports 62078/tcpopen iphone-sync Starting Nmap 6.40 ( ) at :29 BRST Nmap scan report for Host is up (0.049s latency). Not shown: 999 closed ports 7000/tcpopen afs3-fileserver Starting Nmap 6.40 ( ) at :29 BRST Nmap scan report for Host is up (0.050s latency). Not shown: 999 closed ports 62078/tcpopen iphone-sync Starting Nmap 6.40 ( ) at :32 BRST Nmap scan report for Host is up (0.052s latency). All 1000 scanned ports on are closed Starting Nmap 6.40 ( ) at :32 BRST Nmap scan report for Host is up (0.017s latency). All 1000 scanned ports on are closed Starting Nmap 6.40 ( ) at :32 BRST Nmap scan report for Host is up (0.0044s latency). Starting Nmap 6.40 ( ) at :34 BRST Nmap scan report for Host is up (0.062s latency). Not shown: 999 filtered ports 2869/tcpopen icslap

168.40.33 Host is up (0.049s latency). Not shown: 999 closed ports 7000/tcpopen afs3-fileserver Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:29 BRST Nmap scan report for 192.168.40.38 Host is up (0.

7 Starting Nmap 6.40 ( ) at :35 BRST Nmap scan report for Host is up (0.062s latency). Starting Nmap 6.40 ( ) at :39 BRST Nmap scan report for Host is up (0.030s latency). Not shown: 991 filtered ports 49152/tcpopen unknown 49153/tcpopen unknown 49154/tcpopen unknown 49156/tcpopen unknown 49157/tcpopen unknown Starting Nmap 6.40 ( ) at :40 BRST Nmap scan report for Host is up (0.024s latency). Not shown: 997 filtered ports Starting Nmap 6.40 ( ) at :40 BRST Nmap scan report for Host is up (0.014s latency). Not shown: 985 closed ports 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 902/tcp open iss-realsecure 912/tcp open apex-mesh 1110/tcp filterednfsd-status 2869/tcp filteredicslap 3389/tcp filteredms-wbt-server 10243/tcp open unknown 19780/tcp filtered unknown 49152/tcp open unknown 49153/tcp open unknown 49154/tcp open unknown 49155/tcp open unknown 49156/tcp open unknown

40 ( http://nmap.org ) at 2014-12-01 18:40 BRST Nmap scan report for 192.168.40.109 Host is up (0.024s latency). Not shown: 997 filtered ports Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:40 BRST Nmap scan report for 192.168.40.116 Host is up (0.

8 Nmap scan report for Host is up (0.051s latency). Not shown: 985 closed ports 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 902/tcp open iss-realsecure 912/tcp open apex-mesh 1110/tcp filterednfsd-status 2869/tcp filteredicslap 3389/tcp filteredms-wbt-server 10243/tcp open unknown 19780/tcp filtered unknown 49152/tcp open unknown 49153/tcp open unknown 49154/tcp open unknown 49155/tcp open unknown 49156/tcp open unknown Starting Nmap 6.40 ( ) at :45 BRST Nmap scan report for Host is up (0.029s latency). Not shown: 989 closed ports 49152/tcpopen unknown 49153/tcpopen unknown 49154/tcpopen unknown 49156/tcpopen unknown 49163/tcpopen unknown Nmap scan report for Host is up (0.0062s latency). Not shown: 977 closed ports 85/tcp filtered mit-ml-dev 259/tcp filtered esro-gen 1038/tcp filteredmtqp 1064/tcp filteredjstel 1067/tcpfilteredinstl_boots 1123/tcp filteredmurray 1138/tcp filteredencrypted_admin 2030/tcp filtered device2 2366/tcp filteredqip-login 2394/tcp filtered ms-olap2 2869/tcp filteredicslap 3945/tcp filteredemcads 4998/tcp filtered maybe-veritas 5000/tcp filteredupnp

filteredicslap 3389/tcp filteredms-wbt-server 10243/tcp open unknown 19780/tcp filtered unknown 49152/tcp open unknown 49153/tcp open unknown 49154/tcp open unknown 49155/tcp open unknown 49156/tcp

9 5961/tcp filtered unknown 8400/tcp filteredcvd 9290/tcp filtered unknown 13783/tcp filtered netbackup 20005/tcp filtered btx 21571/tcp filtered unknown 27356/tcp filtered unknown 40193/tcp filtered unknown 62078/tcp openiphone-sync

filtered btx 21571/tcp filtered unknown 27356/tcp

Documentos relacionados

Infra-Estrutura de Redes de Computadores

Infra-Estrutura de Redes de Computadores Atividade realizada: Identificar endereços ethernet das estações de trabalho e servidores. Método de uso: O Nmap ( Network Mapper ) uma ferramenta de código aberto