Nmap-ujte sami sebe...

1

Nmap-ujte sami sebe...

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Zelite da znate koji su vam tacno portovi otvoreni, i da saznate koji koristan savet ili informaciju o portovima?
Program Nmap sluzi za ispitivanje otvorenih portova na nekom racunaru (ne na svom): http://www.insecure.org/nmap
Ovaj program koriste hackeri kada pokusavaju da skeniraju vas komp u potrazi za otvorenim portovima.

Ukoliko zelite da skenirate sami sebe, pre nego sto to ucini neko drugi, onda pogledajte sledeci link:
http://www.linux-sec.net/Audit/nmap.test.gwif.html
i kliknite dugme 'Please Scan This Server I'm On'

Nakon skeniranja ce vam biti prikazan izvestaj o stanju portova na vasem kompu.

Znam da je bilo jos dosta linkova ka sajtovima koji proveravaju firewall-ove i otvorene portove, ali ovaj sajt koristi bas Nmap (koji koriste i vecina hackera), tako da ce te dobiti stvaran uvid u ono sto vide i hackeri kada vas skeniraju.



Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
offline
  • GZ  Male
  • Ugledni građanin
  • Pridružio: 27 Mar 2005
  • Poruke: 474
  • Gde živiš: Novi Sad

Citat:#
# Scan Results for nmap ( -sS -F -O ) dlp-4.as54.tz.bih.net.ba
#
# In general, turn off all services and daemons listed below ( especially those in red )
Turn Off all Unused-Daemons

Turn Everything Off in inetd



....
..Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2006-01-23 09:22 PST..
..Note: Host seems down. If it is really up, but blocking our ping probes, try -P0..
..Nmap finished: 1 IP address (0 hosts up) scanned in 2.923 seconds..
#
# end of test data


Evo ja sam prvi odradio.. Posto nisam nesto vjest, kakvi su rezultati..??

Poz.



offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

U polje iznad dugmeta upisi '-P0' i probaj ponovo.
Tvoj FW blokira ping. Unesi onu opciju da bi skenirao iako nema pinga.

offline
  • Pridružio: 06 Jan 2006
  • Poruke: 286
  • Gde živiš: Becej

evo kod mene:Sta to znaci?

Citat:You should download and install nmap from:
http://www.Insecure.org/nmap
Run the a port scan from my host ( 80.74.168.28 ) ( SMIN_28-IP-80_74_168_28.dialup.neobee.net ) :
Your IDS should light up like a Christmas tree after this scan is done

Slow responses might indicate your Firewall might be doing its job preventing port scans


#
# Scan Results for nmap ( -sS -F -O ) SMIN_28-IP-80_74_168_28.dialup.neobee.net
#
# In general, turn off all services and daemons listed below ( especially those in red )
Turn Off all Unused-Daemons

Turn Everything Off in inetd



....
..Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2006-01-23 09:55 PST..
..Nmap finished: 0 IP addresses (0 hosts up) scanned in 0.897 seconds..
#
# end of test data

offline
  • GZ  Male
  • Ugledni građanin
  • Pridružio: 27 Mar 2005
  • Poruke: 474
  • Gde živiš: Novi Sad

Citat:Run the a port scan from my host ( 80.65.73.4 ) ( dlp-4.as54.tz.bih.net.ba ) :
Your IDS should light up like a Christmas tree after this scan is done

Slow responses might indicate your Firewall might be doing its job preventing port scans


#
# Scan Results for nmap ( P0 ) dlp-4.as54.tz.bih.net.ba
#
# In general, turn off all services and daemons listed below ( especially those in red )
Turn Off all Unused-Daemons

Turn Everything Off in inetd



....
..Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2006-01-23 09:57 PST..
..Note: Host seems down. If it is really up, but blocking our ping probes, try -P0..
..Nmap finished: 1 IP address (0 hosts up) scanned in 2.719 seconds..
#
# end of test data

Nakon tvog savjeta dobio sa ovo gore iznad

offline
  • Pridružio: 19 Maj 2005
  • Poruke: 609
  • Gde živiš: Springfild

Citat:#
# Scan Results for nmap ( -P0 ) smin-dial-131.icentrala.net
#
# In general, turn off all services and daemons listed below ( especially those in red )
Turn Off all Unused-Daemons

Turn Everything Off in inetd



....
..Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2006-01-23 10:14 PST..
..Nmap finished: 0 IP addresses (0 hosts up) scanned in 0.339 seconds..
#
# end of test data

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Nema potrebe da postavljate prazne liste. Prazne liste znace da FW obavlja svoj posao.
Evo kako izgleda jedna lista kada je iskljucen FW:
#
# Scan Results for nmap ( -sS -F -O ) chello080109118195.12.15.vie.surfer.at
#
# In general, turn off all services and daemons listed below ( especially those in red )

    * Turn Off all Unused-Daemons
    * Turn Everything Off in inetd

 
....   
..Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2006-01-23 10:48 PST..   
..Interesting ports on  chello080109118195.12.15.vie.surfer.at (80.109.118.195): ..   
..(The 1216 ports scanned but not shown below are in state: closed)..   
..PORT    STATE    SERVICE..   
..111/tcp filtered rpcbind..   
..135/tcp filtered msrpc..   
..139/tcp open     netbios-ssn..   
..201/tcp filtered at-rtmp..   
..202/tcp filtered at-nbp..   
..203/tcp filtered at-3..   
..204/tcp filtered at-echo..   
..205/tcp filtered at-5..   
..206/tcp filtered at-zis..   
..207/tcp filtered at-7..   
..208/tcp filtered at-8..   
..Device type: general purpose..   
..Running: Microsoft Windows 2003/.NET|NT/2K/XP..   
..OS details: Microsoft Windows 2003 Server or XP SP2..   
....   
..Nmap finished: 1 IP address (1 host up) scanned in 34.120 seconds..   

#
# end of test data


Kao sto vidite, na osnovu otvorenih portova, Nmap je zakljucio da se radi o Windowsu.
Kada jedan napadac vidi ovako nesto, on lepo potrazi u svojoj 'bazi znanja' koji program koristi te portove koji su otvoreni.
Onda usredsredi Nmap samo na taj port, da bi pokusao na osnovu ponasanja/reakcija na pojedina komande da ustanovi da li je stvarno taj program, i po mogucstvu da utvrdi verziju programa.
Kada skupi dovoljno podataka, onda opet pogleda svoju 'bazu znanja' da vidi da li za taj program koji 'slusa' (Listening) na tom portu, postoji neki propust za koji postoji Exploit.
Onda on iskoristi exploit i provali u komp...


Jos jednom vas molim da ne postavljate raporte ukoliko su prazni, tj. nema otvorenih portova.

offline
  • SVITAC 
  • Legendarni građanin
  • Pridružio: 28 Apr 2003
  • Poruke: 5919
  • Gde živiš: Beograd

Na dlanu :=) .. nije da su baš pogodili OS .. ali ..
potraja ovo kod mene ..

Citat:..PORT STATE SERVICE..
..135/tcp filtered msrpc..
..139/tcp open netbios-ssn..
..445/tcp open microsoft-ds..
..1110/tcp open nfsd-status..
..1434/tcp filtered ms-sql-m..
..Device type: general purpose..
..Running: Microsoft Windows 2003/.NET..
..OS details: Microsoft Windows 2003 Server..
..Nmap finished: 1 IP address (1 host up) scanned in 303.496 seconds..
# end of test data

offline
  • Pridružio: 06 Jan 2006
  • Poruke: 286
  • Gde živiš: Becej

I onda nek neko kaze da Windows xp firewal ne radi dobro!!!Doduse pojacan je sa ad-awarovim Ad-Watchom i spybotovim tea timerom!

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

@bravani
Ovo je 10-sekundni nmap test, a ne neki test koji se radi par minuta ili sati.
Voleo bih da vidim kako ce Windows FW da se pokaze kada neko skenira komp Retinom ili necim slicnim, i to onako ljudski...

Ko je trenutno na forumu
 

Ukupno su 1399 korisnika na forumu :: 34 registrovanih, 6 sakrivenih i 1359 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., amaterSRB, babaroga, Bokiboks, BSD, CikaKURE, darkangel, debeli, DPera, Georgius, hologram, Karla, kuntalo, Lukaaa, Marko Marković, Mi lao shu, milenko crazy north, milimoj, Milometer, milos.cbr, opt1, procesor, raptorsi, Skywhaler, Srle993, Sumadija34, suton, TheBeastOfMG, Toper, Trpe Grozni, vasa.93, voja64, zlaya011, Zoca