View
21
Download
5
Category
Preview:
DESCRIPTION
analisis de vulnerabilidades
Citation preview
UNIVERSIDAD NACIONAL DE PIURA
FACULTAD DE INGENIERIA INDUSTRIAL
ESCUELA PROFESIONAL DE INGENIERIA INFORMATICA
CURSO:
Seguridad Informática
TEMA:
Análisis de Vulnerabilidades
PROFESOR:
Ing Wilfredo Cruz Yarleque
ALUMNO:
Alban Ato Jeancarlos
FECHA:
14/10/2015
Escaneo de red (ICMP)
Nmap scan report for 192.168.0.1
Host is up (0.0080s latency).
MAC Address: BC:D1:65:28:85:FD (Cisco Spvtg)
Nmap scan report for 192.168.0.24
Host is up (0.024s latency).
MAC Address: 00:08:22:0A:C8:FB (InPro Comm)
Nmap scan report for 192.168.0.90
Host is up (0.0066s latency).
MAC Address: 54:7F:54:88:C6:CC (Ingenico)
Nmap scan report for 192.168.0.14
Host is up.
Nmap done: 256 IP addresses (4 hosts up) scanned in 17.84 seconds
Escaneo de red (SYN TCP)
Nmap scan report for 192.168.0.1
Host is up (0.019s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
8080/tcp open http-proxy
MAC Address: BC:D1:65:28:85:FD (Cisco Spvtg)
Nmap scan report for 192.168.0.18
Host is up (0.014s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
MAC Address: E0:19:1D:9E:FD:43 (Huawei Technologies Co.)
Nmap scan report for 192.168.0.24
Host is up (0.041s latency).
All 1000 scanned ports on 192.168.0.24 are closed
MAC Address: 00:08:22:0A:C8:FB (InPro Comm)
Nmap scan report for 192.168.0.90
Host is up (0.017s latency).
All 1000 scanned ports on 192.168.0.90 are closed
MAC Address: 54:7F:54:88:C6:CC (Ingenico)
Escaneo de TCP de Host
Nmap scan report for 192.168.0.1
PORT STATE SERVICE
23/tcp open telnet
80/tcp open http
8080/tcp open http-proxy
MAC Address: BC:D1:65:28:85:FD (Cisco Spvtg)
Nmap scan report for 192.168.0.18
PORT STATE SERVICE
49152/tcp open unknown
49153/tcp open unknown
49154/tcp open unknown
49155/tcp open unknown
MAC Address: E0:19:1D:9E:FD:43 (Huawei Technologies Co.)
Deteccion de Sistema Operativo
Nmap scan report for 192.168.0.1
MAC Address: BC:D1:65:28:85:FD (Cisco Spvtg)
Running: Wind River VxWorks
OS CPE: cpe:/o:windriver:vxworks
OS details: VxWorks
Nmap scan report for 192.168.0.11
MAC Address: A4:70:D6:F4:CD:56 (Motorola Mobility)
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.2 - 3.13
Nmap scan report for 192.168.0.18
MAC Address: E0:19:1D:9E:FD:43 (Huawei Technologies Co.)
Device type: general purpose
Running: Linux 3.X
OS CPE: cpe:/o:linux:linux_kernel:3
OS details: Linux 3.2 - 3.13
Nmap scan report for 192.168.0.90
MAC Address: 54:7F:54:88:C6:CC (Ingenico)
Device type: switch|general purpose|media device
Running: Cisco CatOS 7.X, HP Tru64 UNIX 5.X, Vantage embedded
OS CPE: cpe:/h:cisco:catalyst_ws-c6506 cpe:/o:cisco:catos:7 cpe:/o:hp:tru64_unix:5
cpe:/h:vantage:hd7100s
OS details: Cisco Catalyst WS-C6506 switch (CatOS 7.6(16)), HP Tru64 UNIX 5.1A, Vantage
HD7100S satellite receiver
ANALISIS DE VULNERABILIDADES CON NESSUS
Escaneo de vulnerabilidades en PC
Pregunta 2.
Nmap scan report for 190.113.220.54
Host is up (0.028s latency).
Not shown: 69 closed ports
PORT STATE SERVICE
25/tcp filtered smtp
53/tcp open domain
Device type: broadband router|general purpose|WAP
Running (JUST GUESSING): Linksys embedded (88%), Linux 3.X|2.4.X|2.6.X (88%)
OS CPE: cpe:/h:linksys:wrv200 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:2.4
cpe:/o:linux:linux_kernel:2.6
Pregunta 3. La principal diferencia entre las herramientas Nmap y Nassus es que Nassus muestra
una informacion mas detallada asi como recomendaciones, las cuales no se encuentra en Nmap.
Pregunta 4.
Servidor ip 190.113.220.54 www.unp.edu.pe
Apache 2.2.x < 2.2.28 Multiple Vulnerabilities
Descripcion: Version de servidor apache
Solucion: Instalar versión Apache version 2.2.29
PHP 5.2 < 5.2.14 Multiple Vulnerabilities
Descripcion: Version de PHP
Solucion: Actualizar PHP version 5.2.14
Servidor ip 54.83.50.56 www.diariocorreo.pe
DNS Server Cache Snooping Remote Information Disclosure
Descripcion: Servidor DNS divulgacion de informacion a distancia
Recommended