Computer networks

Activity performed:
Identify the services on open ports on both the wired and the Wi-Fi network.
The tool used to identify services and open ports on the network was
Nmap:
Nmap is a free, open source scanner used for network mapping. It includes
features such as port scanning, service detection and remote operating
system identification. The tool was created by Gordon “Fyodor” Lyon, who
still takes an active part in its development. Nmap is widely used in,
among other things, audits, penetration tests, firewall tests and
compliance tests.
Nmap generally operates at the network and transport layers. However, it
can also handle link-layer data (MAC addresses and ARP requests, for
example) and interpret application-layer data to infer useful information
about its target (service and operating system versions).
Nmap commands
-sP
Ping scan: sometimes you need to know whether a given device is active on
the network. Nmap sends ICMP packets to check whether a given IP is active
on the network.
-sS
TCP SYN scan: this command does not make a full TCP connection.
A SYN packet is sent, as if opening a real connection, and Nmap waits for a
reply; if a “SYN-ACK” reply is received, you know the port is open.
The advantage of this method is that few will detect this port scan.
-sT
TCP connect scan: this is the most basic TCP scanning technique.
It sends a signal to the active ports on the network; if the port is open,
it receives a reply. This technique is the fastest, but it is easy to
detect.
-sU
UDP scan: this is the command used to identify which UDP ports are open on
a machine. The technique consists of sending a 0-byte UDP packet to each
port on the machine; if an ICMP (port unreachable) message is received, the
port is closed; otherwise the port may be open.
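An added example, not part of the original page: the -sS and -sT descriptions above, seen from the monitoring side. It labels how far each TCP handshake went and flags sources that probe many ports; the record format, the addresses and the `min_ports` threshold are assumptions made for this illustration.

```python
from collections import defaultdict

# Constructed flow records (not from the page): source IP, destination port and
# the TCP flags seen, "c>" sent by the client and "s>" sent by the server.
SAMPLE_FLOWS = [
    ("10.0.0.5", 22, ["c>SYN", "s>SYN-ACK", "c>RST"]),
    ("10.0.0.5", 23, ["c>SYN", "s>RST-ACK"]),
    ("10.0.0.5", 53, ["c>SYN"]),
    ("10.0.0.5", 80, ["c>SYN", "s>SYN-ACK", "c>RST"]),
    ("10.0.0.5", 443, ["c>SYN", "s>RST-ACK"]),
    ("10.0.0.7", 22, ["c>SYN", "s>SYN-ACK", "c>ACK", "c>RST-ACK"]),
    ("10.0.0.7", 23, ["c>SYN", "s>RST-ACK"]),
    ("10.0.0.7", 80, ["c>SYN", "s>SYN-ACK", "c>ACK", "c>RST-ACK"]),
    ("10.0.0.7", 443, ["c>SYN", "s>RST-ACK"]),
    ("10.0.0.7", 8080, ["c>SYN", "s>RST-ACK"]),
    ("10.0.0.9", 443, ["c>SYN", "s>SYN-ACK", "c>ACK", "c>FIN-ACK"]),
]

def classify_flow(flags):
    """Label one connection attempt by how far the handshake went."""
    if "s>SYN-ACK" in flags:
        # Open port: a connect scan answers with ACK, a SYN scan sends RST instead.
        return "completed" if "c>ACK" in flags else "half-open"
    if "s>RST-ACK" in flags:
        return "refused"      # closed port
    return "no-reply"         # filtered or dropped

def find_scanners(flows, min_ports=5):
    """Return {source: style} for sources probing at least min_ports ports."""
    seen = defaultdict(dict)
    for src, port, flags in flows:
        seen[src][port] = classify_flow(flags)
    result = {}
    for src, ports in seen.items():
        if len(ports) < min_ports:
            continue          # a single ordinary connection is not a sweep
        labels = set(ports.values())
        if "half-open" in labels:
            result[src] = "syn-scan"
        elif "completed" in labels:
            result[src] = "connect-scan"
        else:
            result[src] = "scan-style-unknown"
    return result

if __name__ == "__main__":
    print(find_scanners(SAMPLE_FLOWS))
```

The half-open pattern (SYN, SYN-ACK, RST with no ACK) never reaches the application's accept log, but it is visible to anything that records packets or flows.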
Port states recognized by Nmap
Open (open)
An application is actively accepting TCP connections or UDP packets on
this port.
Finding this condition (open) is the main goal of a port scan.
We know that every open port is an invitation to an attack.
Attackers and security assessment professionals want to exploit open ports,
while administrators try to close them or protect them with firewalls.
Closed (closed)
A closed port is accessible (it receives and responds to Nmap probe
packets), but no application is listening on it. Closed ports can be useful
for showing that a host is active at a given IP address (host discovery, or
ping scanning), and as part of OS detection. Because closed ports are
reachable, it may be worth scanning again later in case one of them opens.
Administrators should consider blocking these ports with a firewall. They
would then appear in the filtered state.
Filtered (filtered)
Nmap cannot determine whether a port is open because packet filtering
prevents Nmap's probes from reaching the port. The filtering may come from
a dedicated firewall, router rules, or host-based firewall software.
Unfiltered (unfiltered)
The unfiltered state means that a port is accessible, but Nmap is unable to
determine whether it is open or closed.
Open|filtered (open|filtered)
Nmap places ports in this state when it is unable to determine whether a
port is open or filtered.
Closed|filtered (closed|filtered)
This state is used when Nmap is unable to determine whether a port is
closed or filtered.
One of the commands used for scanning:
nmap --script oracle-sid-brute "IP"
Wi-Fi scan
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:21 BRST
Nmap scan report for 192.168.40.20
Host is up (0.0030s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
53/tcp filtered domain
2001/tcp filtered dc
MAC Address: B4:B5:2F:4F:BA:90 (Hewlett Packard)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:21 BRST
Nmap scan report for 192.168.40.21
Host is up (0.0031s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
53/tcp filtered domain
2001/tcp filtered dc
MAC Address: B4:B5:2F:4F:BA:95 (Hewlett Packard)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:21 BRST
Nmap scan report for 192.168.40.22
Host is up (0.0075s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
53/tcp filtered domain
2001/tcp filtered dc
MAC Address: B4:B5:2F:4F:BA:83 (Hewlett Packard)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:21 BRST
Nmap scan report for 192.168.40.23
Host is up (0.010s latency).
All 1000 scanned ports on 192.168.40.23 are closed
MAC Address: 88:9B:39:A6:97:0D (Samsung Electronics Co.)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:21 BRST
Nmap scan report for 192.168.40.25
Host is up (0.025s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
MAC Address: D0:7E:28:C5:BE:85 (Hewlett Packard)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:26 BRST
Nmap scan report for 192.168.40.1
Host is up (0.083s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
MAC Address: D0:67:E5:6F:7D:7A (Dell)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:26 BRST
Nmap scan report for 192.168.40.2
Host is up (0.0043s latency).
Not shown: 989 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
443/tcp open https
1056/tcp filtered vfo
2001/tcp filtered dc
5432/tcp open postgresql
8080/tcp open http-proxy
8081/tcp open blackice-icecap
8082/tcp open blackice-alerts
8090/tcp open unknown
MAC Address: 44:1E:A1:C2:34:13 (Hewlett-Packard Company)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:27 BRST
Nmap scan report for 192.168.40.5
Host is up (0.015s latency).
Not shown: 990 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
8081/tcp open blackice-icecap
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49157/tcp open unknown
49160/tcp open unknown
MAC Address: E0:06:E6:DC:82:37 (Hon Hai Precision Ind. Co.)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:27 BRST
Nmap scan report for 192.168.40.20
Host is up (0.0024s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
53/tcp filtered domain
2001/tcp filtered dc
MAC Address: B4:B5:2F:4F:BA:90 (Hewlett Packard)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:27 BRST
Nmap scan report for 192.168.40.21
Host is up (0.0019s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
53/tcp filtered domain
2001/tcp filtered dc
MAC Address: B4:B5:2F:4F:BA:95 (Hewlett Packard)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:28 BRST
Nmap scan report for 192.168.40.23
Host is up (0.011s latency).
All 1000 scanned ports on 192.168.40.23 are closed
MAC Address: 88:9B:39:A6:97:0D (Samsung Electronics Co.)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:28 BRST
Nmap scan report for 192.168.40.25
Host is up (0.018s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
MAC Address: D0:7E:28:C5:BE:85 (Hewlett Packard)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:28 BRST
Nmap scan report for 192.168.40.26
Host is up (0.011s latency).
All 1000 scanned ports on 192.168.40.26 are closed
MAC Address: 84:38:38:76:2B:2E (Unknown)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:28 BRST
Nmap scan report for 192.168.40.31
Host is up (0.0048s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
62078/tcp open iphone-sync
MAC Address: 78:6C:1C:A0:53:45 (Apple)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:29 BRST
Nmap scan report for 192.168.40.33
Host is up (0.049s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
7000/tcp open afs3-fileserver
MAC Address: E0:75:7D:F7:36:FE (Motorola Mobility)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:29 BRST
Nmap scan report for 192.168.40.38
Host is up (0.050s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
62078/tcp open iphone-sync
MAC Address: A4:C3:61:93:8E:59 (Apple)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:32 BRST
Nmap scan report for 192.168.40.42
Host is up (0.052s latency).
All 1000 scanned ports on 192.168.40.42 are closed
MAC Address: E0:75:7D:87:D8:30 (Motorola Mobility)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:32 BRST
Nmap scan report for 192.168.40.43
Host is up (0.017s latency).
All 1000 scanned ports on 192.168.40.43 are closed
MAC Address: 34:BB:26:87:59:8B (Unknown)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:32 BRST
Nmap scan report for 192.168.40.49
Host is up (0.0044s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
53/tcp filtered domain
2001/tcp filtered dc
MAC Address: B4:B5:2F:4F:2B:A8 (Hewlett Packard)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:34 BRST
Nmap scan report for 192.168.40.68
Host is up (0.062s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE
2869/tcp open icslap
MAC Address: 70:18:8B:FB:53:D3 (Hon Hai Precision Ind. Co.)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:35 BRST
Nmap scan report for 192.168.40.78
Host is up (0.062s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
53/tcp filtered domain
2001/tcp filtered dc
MAC Address: B4:B5:2F:4F:BA:92 (Hewlett Packard)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:39 BRST
Nmap scan report for 192.168.40.104
Host is up (0.030s latency).
Not shown: 991 filtered ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
49157/tcp open unknown
MAC Address: 70:18:8B:FD:F9:81 (Hon Hai Precision Ind. Co.)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:40 BRST
Nmap scan report for 192.168.40.109
Host is up (0.024s latency).
Not shown: 997 filtered ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
MAC Address: EC:55:F9:AF:6D:5E (Hon Hai Precision Ind. Co.)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:40 BRST
Nmap scan report for 192.168.40.116
Host is up (0.014s latency).
Not shown: 985 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
902/tcp open iss-realsecure
912/tcp open apex-mesh
1110/tcp filtered nfsd-status
2869/tcp filtered icslap
3389/tcp filtered ms-wbt-server
10243/tcp open unknown
19780/tcp filtered unknown
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
MAC Address: E8:11:32:B4:DA:72 (Samsung Electronics CO.)
Nmap scan report for 192.168.40.116
Host is up (0.051s latency).
Not shown: 985 closed ports
PORT STATE SERVICE
135/tcp filtered msrpc
139/tcp filtered netbios-ssn
445/tcp filtered microsoft-ds
902/tcp open iss-realsecure
912/tcp open apex-mesh
1110/tcp filtered nfsd-status
2869/tcp filtered icslap
3389/tcp filtered ms-wbt-server
10243/tcp open unknown
19780/tcp filtered unknown
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
MAC Address: E8:11:32:B4:DA:72 (Samsung Electronics CO.)
Starting Nmap 6.40 ( http://nmap.org ) at 2014-12-01 18:45 BRST
Nmap scan report for 192.168.40.132
Host is up (0.029s latency).
Not shown: 989 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2869/tcp open icslap
5357/tcp open wsdapi
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
49163/tcp open unknown
MAC Address: 24:F5:AA:54:73:9C (Samsung Electronics Co.)
Nmap scan report for 192.168.40.31
Host is up (0.0062s latency).
Not shown: 977 closed ports
PORT STATE SERVICE
85/tcp filtered mit-ml-dev
259/tcp filtered esro-gen
1038/tcp filtered mtqp
1064/tcp filtered jstel
1067/tcp filtered instl_boots
1123/tcp filtered murray
1138/tcp filtered encrypted_admin
2030/tcp filtered device2
2366/tcp filtered qip-login
2394/tcp filtered ms-olap2
2869/tcp filtered icslap
3945/tcp filtered emcads
4998/tcp filtered maybe-veritas
5000/tcp filtered upnp
5961/tcp filtered unknown
8400/tcp filtered cvd
9290/tcp filtered unknown
13783/tcp filtered netbackup
20005/tcp filtered btx
21571/tcp filtered unknown
27356/tcp filtered unknown
40193/tcp filtered unknown
62078/tcp open iphone-sync
MAC Address: 78:6C:1C:A0:53:45 (Apple)
Wired scan
Starting Nmap 6.47 ( http://nmap.org ) at 2014-12-01 21:51 BRST
Nmap scan report for 192.168.8.1
Host is up (0.027s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
MAC Address: D0:67:E5:6F:7D:7A (Dell)
Nmap scan report for 192.168.8.102
Host is up (0.0011s latency).
Not shown: 990 filtered ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
554/tcp open rtsp
902/tcp open iss-realsecure
912/tcp open apex-mesh
2869/tcp open icslap
5357/tcp open wsdapi
10243/tcp open unknown
49155/tcp open unknown
MAC Address: 00:17:F2:D6:1D:97 (Apple)
Nmap scan report for 192.168.8.103
Host is up (0.0011s latency).
Not shown: 990 filtered ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
554/tcp open rtsp
902/tcp open iss-realsecure
912/tcp open apex-mesh
2869/tcp open icslap
5357/tcp open wsdapi
10243/tcp open unknown
49155/tcp open unknown
MAC Address: 00:17:F2:D8:DC:F2 (Apple)
Nmap scan report for 192.168.8.104
Host is up (0.0012s latency).
Not shown: 990 filtered ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
554/tcp open rtsp
902/tcp open iss-realsecure
912/tcp open apex-mesh
2869/tcp open icslap
5357/tcp open wsdapi
10243/tcp open unknown
49155/tcp open unknown
MAC Address: 00:17:F2:D6:16:25 (Apple)
Nmap scan report for 192.168.8.105
Host is up (0.0011s latency).
Not shown: 990 filtered ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
554/tcp open rtsp
902/tcp open iss-realsecure
912/tcp open apex-mesh
2869/tcp open icslap
5357/tcp open wsdapi
10243/tcp open unknown
49156/tcp open unknown
MAC Address: 00:17:F2:D6:BB:F8 (Apple)
Nmap scan report for 192.168.8.110
Host is up (0.0012s latency).
Not shown: 990 filtered ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
554/tcp open rtsp
902/tcp open iss-realsecure
912/tcp open apex-mesh
2869/tcp open icslap
5357/tcp open wsdapi
10243/tcp open unknown
49155/tcp open unknown
MAC Address: 00:17:F2:D6:19:C4 (Apple)
Nmap scan report for 192.168.8.117
Host is up (0.0013s latency).
Not shown: 990 filtered ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
554/tcp open rtsp
902/tcp open iss-realsecure
912/tcp open apex-mesh
2869/tcp open icslap
5357/tcp open wsdapi
10243/tcp open unknown
49155/tcp open unknown
MAC Address: 00:17:F2:D8:44:01 (Apple)
Nmap scan report for 192.168.8.121
Host is up (0.00021s latency).
All 1000 scanned ports on 192.168.8.121 are filtered
MAC Address: 78:2B:CB:EE:08:B6 (Dell)
Nmap scan report for 192.168.8.130
Host is up (0.0012s latency).
Not shown: 990 filtered ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
554/tcp open rtsp
902/tcp open iss-realsecure
912/tcp open apex-mesh
2869/tcp open icslap
5357/tcp open wsdapi
10243/tcp open unknown
49155/tcp open unknown
MAC Address: 00:17:F2:D6:19:F2 (Apple)
Nmap scan report for 192.168.8.131
Host is up (0.00081s latency).
Not shown: 986 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
902/tcp open iss-realsecure
912/tcp open apex-mesh
3306/tcp open mysql
5357/tcp open wsdapi
5432/tcp open postgresql
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
49156/tcp open unknown
49159/tcp open unknown
MAC Address: 00:17:F2:D6:1B:50 (Apple)
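An added example, not part of the original report: a small parser for the Nmap output format shown above, used to review the results by port state and to list hosts with an open cleartext management service such as telnet. The function names are made up for this illustration; the sample is three host blocks copied from the Wi-Fi scan on this page.

```python
import re

# Three host blocks copied from the Wi-Fi scan output on this page.
SAMPLE = """\
Nmap scan report for 192.168.40.20
Host is up (0.0030s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
53/tcp filtered domain
2001/tcp filtered dc
MAC Address: B4:B5:2F:4F:BA:90 (Hewlett Packard)
Nmap scan report for 192.168.40.23
Host is up (0.010s latency).
All 1000 scanned ports on 192.168.40.23 are closed
MAC Address: 88:9B:39:A6:97:0D (Samsung Electronics Co.)
Nmap scan report for 192.168.40.25
Host is up (0.025s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
MAC Address: D0:7E:28:C5:BE:85 (Hewlett Packard)
"""

HOST_RE = re.compile(r"^Nmap scan report for (\S+)")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")

def parse_scan(text):
    """Return {host: {(port, proto): (state, service)}}; a rescan overwrites."""
    hosts, current = {}, None
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:
            # Hosts scanned more than once (as on this page) share one entry.
            current = hosts.setdefault(m.group(1), {})
            continue
        m = PORT_RE.match(line)
        if m and current is not None:
            current[(int(m.group(1)), m.group(2))] = (m.group(3), m.group(4))
    return hosts

def open_services(hosts, names):
    """List (host, port, service) for open ports whose service is in names."""
    return [(host, port, svc) for host, ports in hosts.items()
            for (port, _proto), (state, svc) in ports.items()
            if state == "open" and svc in names]

if __name__ == "__main__":
    print(open_services(parse_scan(SAMPLE), {"telnet"}))
```

Without version detection the SERVICE column is only Nmap's name for the port number, so a label such as blackice-icecap on 8081 should be confirmed on the host before acting on it.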
