Nmap Continuación

Debido a mi falta de experiencia en la gestoría de blogs, y a la longitud de este tutorial he tenido que dividirlo en dos segmento para hacer más cómoda la lectura y compresión del artículo...


7. Si queremos averiguar que equipos poseen un servidor FTP, HTTP o DNS buscamos los puertos 21, 80 y 53 respectivamente.

• Usamos $ sudo nmap -sU -p 21,80,53 172.26.103.1-255. Nos aparece algo así (se han omitido algunos resultados):

Interesting ports on 172.26.103.4:
PORT STATE SERVICE
21/udp closed ftp
53/udp closed domain
80/udp closed http
MAC Address: 00:0D:61:05:68:61 (Giga-Byte Technology Co.)

Interesting ports on 172.26.103.5:
PORT STATE SERVICE
21/udp closed ftp
53/udp open|filtered domain
80/udp open|filtered http
MAC Address: 00:1A:4D:7F:9D:D3 (Gigabyte Technology Co.)

Interesting ports on 172.26.103.7:
PORT STATE SERVICE
21/udp open|filtered ftp
53/udp closed domain
80/udp open|filtered http
MAC Address: 00:1A:4D:6E:08:60 (Gigabyte Technology Co.)

Interesting ports on 172.26.103.8:
PORT STATE SERVICE
21/udp open|filtered ftp
53/udp closed domain
80/udp open|filtered http
MAC Address: 00:1A:4D:75:71:79 (Gigabyte Technology Co.)

Interesting ports on 172.26.103.9:
PORT STATE SERVICE
21/udp open|filtered ftp
53/udp open|filtered domain
80/udp open|filtered http
MAC Address: 00:1A:4D:75:70:74 (Gigabyte Technology Co.)

Interesting ports on 172.26.103.12:
PORT STATE SERVICE
21/udp open|filtered ftp
53/udp open|filtered domain
80/udp open|filtered http
MAC Address: 00:C0:9F:F2:ED:63 (Quanta Computer)

Interesting ports on 172.26.103.13:
PORT STATE SERVICE
21/udp open|filtered ftp
53/udp open|filtered domain
80/udp open|filtered http
MAC Address: 00:16:17:4F:AF:D5 (MSI)

Interesting ports on 172.26.103.17:
PORT STATE SERVICE
21/udp open|filtered ftp
53/udp open|filtered domain
80/udp open|filtered http
MAC Address: 00:1B:38:AB:BE:A2 (Compal Information (kunshan) CO.)

Interesting ports on 172.26.103.20:
PORT STATE SERVICE
21/udp closed ftp
53/udp closed domain
80/udp closed http
MAC Address: 00:0F:EA:31:C5:FA (Giga-Byte Technology Co.)

8. Averiguamos los puertos abiertos de cada uno de los equipos
de la red que están encendidos. Para ello escaneamos en los protocolos TCP y UDP, cabe destacar que esta operación puede tardar un buen tiempo asi que es mejor no tocar la ventana y esperar que la maquina haga todo solita xD....

• Usamos $sudo nmap -sT -sU 172.26.103.1-255 y nos tomamos una coca-cola xD...Mi resultado quedo así:

Starting Nmap 4.53 ( http://insecure.org ) at 2008-04-30 09:25 CEST
Interesting ports on 172.26.103.2:
Not shown: 3200 closed ports
PORT STATE SERVICE
68/udp open|filtered dhcpc
5353/udp open|filtered zeroconf
MAC Address: 00:1A:4D:6E:07:EB (Gigabyte Technology Co.)

Interesting ports on 172.26.103.5:
Not shown: 3197 closed ports
PORT STATE SERVICE
3128/tcp open squid-http
68/udp open|filtered dhcpc
3130/udp open|filtered squid-ipc
5353/udp open|filtered zeroconf
32768/udp open|filtered omad
MAC Address: 00:1A:4D:7F:9D:D3 (Gigabyte Technology Co.)

Interesting ports on 172.26.103.7:
Not shown: 3195 closed ports
PORT STATE SERVICE
139/tcp open netbios-ssn
445/tcp open microsoft-ds
902/tcp open iss-realsecure-sensor
68/udp open|filtered dhcpc
137/udp open|filtered netbios-ns
138/udp open|filtered netbios-dgm
5353/udp open|filtered zeroconf
MAC Address: 00:1A:4D:6E:08:60 (Gigabyte Technology Co.)

Interesting ports on 172.26.103.8:
Not shown: 3200 closed ports
PORT STATE SERVICE
68/udp open|filtered dhcpc
5353/udp open|filtered zeroconf
MAC Address: 00:1A:4D:75:71:79 (Gigabyte Technology Co.)

Interesting ports on 172.26.103.9:
Not shown: 3199 closed ports
PORT STATE SERVICE
10000/tcp open snet-sensor-mgmt
68/udp open|filtered dhcpc
5353/udp open|filtered zeroconf
MAC Address: 00:1A:4D:75:70:74 (Gigabyte Technology Co.)

Interesting ports on 172.26.103.12:
Not shown: 3201 closed ports
PORT STATE SERVICE
5353/udp open|filtered zeroconf
MAC Address: 00:C0:9F:F2:ED:63 (Quanta Computer)

All 3202 scanned ports on 172.26.103.13 are filtered (1714) or open|filtered (1488)
MAC Address: 00:16:17:4F:AF:D5 (MSI)

Interesting ports on 172.26.103.17:
Not shown: 3200 closed ports
PORT STATE SERVICE
68/udp open|filtered dhcpc
5353/udp open|filtered zeroconf
MAC Address: 00:1B:38:AB:BE:A2 (Compal Information (kunshan) CO.)

Interesting ports on 172.26.103.20:
Not shown: 3191 closed ports
PORT STATE SERVICE
80/tcp open http
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
123/udp open|filtered ntp
137/udp open|filtered netbios-ns
138/udp open|filtered netbios-dgm
445/udp open|filtered microsoft-ds
500/udp open|filtered isakmp
1900/udp open|filtered UPnP
4500/udp open|filtered sae-urn
MAC Address: 00:0F:EA:31:C5:FA (Giga-Byte Technology Co.)

Interesting ports on 172.26.103.26:
Not shown: 3184 closed ports
PORT STATE SERVICE
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
2049/tcp open nfs
3128/tcp open squid-http
8080/tcp open http-proxy
111/udp open|filtered rpcbind
137/udp open|filtered netbios-ns
138/udp open|filtered netbios-dgm
642/udp open|filtered unknown
2049/udp open|filtered nfs
3130/udp open|filtered squid-ipc
5353/udp open|filtered zeroconf
32768/udp open|filtered omad
32773/udp open|filtered sometimes-rpc10
32774/udp open|filtered sometimes-rpc12
32775/udp open|filtered sometimes-rpc14
MAC Address: 00:19:66:44:E6:F3 (Asiarock Technology Limited)

Interesting ports on 172.26.103.28:
Not shown: 3201 closed ports
PORT STATE SERVICE
5353/udp open|filtered zeroconf

Nmap done: 255 IP addresses (11 hosts up) scanned in 1508.373 seconds