elhacker.net cabecera Bienvenido(a), Visitante. Por favor Ingresar o Registrarse
¿Perdiste tu email de activación?.

 

 


Tema destacado: Estamos en la red social de Mastodon


+  Foro de elhacker.net
|-+  Comunicaciones
| |-+  Redes
| | |-+  scan con zenmap de mi red
0 Usuarios y 1 Visitante están viendo este tema.
Páginas: [1] Ir Abajo Respuesta Imprimir
Autor Tema: scan con zenmap de mi red  (Leído 4,878 veces)
Hason


Desconectado Desconectado

Mensajes: 790


Keep calm and use the spiritual force


Ver Perfil WWW
scan con zenmap de mi red
« en: 13 Agosto 2015, 20:29 pm »

Estoy escaneando mi red,  con zenmap, por que tengo un intruso en el chipset de la placa base, y concretamente en el controlador de red, aparentemente, por toda la información que tengo, de logs e historias.

Pues estoy analizando mi router y mi pc que tengo conectado por cable, haber si podeis aclararme un poco esto, estoy haciendo un slow comprensive scan, de mi ip interna del router, que es 222.222.222.2 y luego otro scan con la ip interna del pc que utilizo que es 222.222.222.22 , voy a pegar los logs, me dice que estoy en china, la verdad que no tengo mucha idea, haber que podeis decirme con lo que veis:

Primero scan de mi router 222.222.222.2

Starting Nmap 6.40 ( http://nmap.org ) at 2015-08-12 20:31 CEST
NSE: Loaded 227 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 20:31
NSE: mtrace: A source IP must be provided through fromip argument.
Completed NSE at 20:31, 10.53s elapsed
Pre-scan script results:
| broadcast-eigrp-discovery:
|_ ERROR: Couldn't get an A.S value.
| http-icloud-findmyiphone:
|_  ERROR: No username or password was supplied
| http-icloud-sendmsg:
|_  ERROR: No username or password was supplied
| targets-asn:
|_  targets-asn.asn is a mandatory parameter
Initiating ARP Ping Scan at 20:31
Scanning 222.222.222.2 [1 port]
Completed ARP Ping Scan at 20:31, 0.22s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 20:31
Completed Parallel DNS resolution of 1 host. at 20:31, 2.47s elapsed
Initiating SYN Stealth Scan at 20:31
Scanning 222.222.222.2 [1000 ports]
Discovered open port 80/tcp on 222.222.222.2
Discovered open port 21/tcp on 222.222.222.2
Discovered open port 23/tcp on 222.222.222.2
Completed SYN Stealth Scan at 20:32, 13.84s elapsed (1000 total ports)
Initiating UDP Scan at 20:32
Scanning 222.222.222.2 [1000 ports]
Completed UDP Scan at 20:32, 4.77s elapsed (1000 total ports)
Initiating Service scan at 20:32
Scanning 1003 services on 222.222.222.2
Discovered open port 53/udp on 222.222.222.2
Discovered open|filtered port 53/udp on 222.222.222.2 is actually open
Service scan Timing: About 0.50% done
Service scan Timing: About 3.49% done; ETC: 21:51 (1:16:03 remaining)
Service scan Timing: About 6.48% done; ETC: 21:35 (0:59:24 remaining)
Service scan Timing: About 9.47% done; ETC: 21:30 (0:52:34 remaining)
Service scan Timing: About 12.46% done; ETC: 21:27 (0:48:14 remaining)
Service scan Timing: About 15.45% done; ETC: 21:25 (0:45:08 remaining)
Service scan Timing: About 21.04% done; ETC: 21:18 (0:36:25 remaining)
Service scan Timing: About 21.44% done; ETC: 21:23 (0:40:19 remaining)
Service scan Timing: About 26.92% done; ETC: 21:18 (0:33:51 remaining)
Service scan Timing: About 27.42% done; ETC: 21:22 (0:36:24 remaining)
Service scan Timing: About 32.90% done; ETC: 21:18 (0:31:02 remaining)
Service scan Timing: About 38.88% done; ETC: 21:18 (0:28:14 remaining)
Service scan Timing: About 44.87% done; ETC: 21:18 (0:25:28 remaining)
Service scan Timing: About 50.85% done; ETC: 21:18 (0:22:41 remaining)
Service scan Timing: About 56.83% done; ETC: 21:18 (0:19:55 remaining)
Service scan Timing: About 62.81% done; ETC: 21:18 (0:17:09 remaining)
Service scan Timing: About 68.69% done; ETC: 21:18 (0:14:27 remaining)
Service scan Timing: About 74.68% done; ETC: 21:18 (0:11:42 remaining)
Service scan Timing: About 80.66% done; ETC: 21:18 (0:08:56 remaining)
Service scan Timing: About 86.14% done; ETC: 21:18 (0:06:26 remaining)
Service scan Timing: About 92.12% done; ETC: 21:18 (0:03:39 remaining)
Service scan Timing: About 98.11% done; ETC: 21:18 (0:00:53 remaining)
Completed Service scan at 21:19, 2807.17s elapsed (1003 services on 1 host)
Initiating OS detection (try #1) against 222.222.222.2
Retrying OS detection (try #2) against 222.222.222.2
NSE: Script scanning 222.222.222.2.
Initiating NSE at 21:19
Discovered open port 67/udp on 222.222.222.2
NSE Timing: About 3.47% done; ETC: 21:34 (0:14:21 remaining)
NSE Timing: About 3.47% done; ETC: 21:48 (0:28:14 remaining)
NSE Timing: About 5.39% done; ETC: 21:47 (0:26:36 remaining)
NSE Timing: About 9.30% done; ETC: 21:41 (0:20:10 remaining)
NSE Timing: About 11.29% done; ETC: 21:43 (0:21:20 remaining)
NSE Timing: About 13.30% done; ETC: 21:45 (0:22:36 remaining)
NSE Timing: About 17.21% done; ETC: 21:42 (0:19:34 remaining)
NSE Timing: About 19.40% done; ETC: 21:45 (0:20:51 remaining)
NSE Timing: About 22.86% done; ETC: 21:43 (0:18:47 remaining)
NSE Timing: About 28.96% done; ETC: 21:43 (0:17:27 remaining)
NSE Timing: About 35.12% done; ETC: 21:43 (0:15:55 remaining)
NSE Timing: About 40.86% done; ETC: 21:44 (0:14:39 remaining)
NSE Timing: About 46.95% done; ETC: 21:44 (0:13:08 remaining)
NSE Timing: About 52.59% done; ETC: 21:44 (0:11:49 remaining)
NSE Timing: About 57.69% done; ETC: 21:44 (0:10:30 remaining)
NSE Timing: About 63.06% done; ETC: 21:44 (0:09:11 remaining)
NSE Timing: About 67.88% done; ETC: 21:43 (0:07:56 remaining)
NSE Timing: About 73.25% done; ETC: 21:44 (0:06:39 remaining)
NSE Timing: About 78.25% done; ETC: 21:44 (0:05:24 remaining)
NSE Timing: About 83.17% done; ETC: 21:43 (0:04:09 remaining)
NSE Timing: About 88.63% done; ETC: 21:43 (0:02:48 remaining)
NSE Timing: About 94.27% done; ETC: 21:43 (0:01:25 remaining)
Completed NSE at 21:44, 1485.54s elapsed
Initiating NSE at 21:44
NSE Timing: About 33.33% done; ETC: 21:45 (0:01:02 remaining)
NSE Timing: About 66.67% done; ETC: 21:45 (0:00:30 remaining)
Completed NSE at 21:45, 90.00s elapsed
Nmap scan report for 222.222.222.2
Host is up (0.00034s latency).
Not shown: 998 open|filtered ports, 997 filtered ports
PORT   STATE SERVICE VERSION
21/tcp open  ftp     Netgear broadband router or ZyXel VoIP adapter ftpd 1.0
|_banner: 220 TP-LINK FTP version 1.0 ready at Sun Jan  2 12:55:55 2000
23/tcp open  telnet?
|_banner: \xFF\xFB\x03\xFF\xFB\x01\x0D\x0APassword:
| telnet-encryption:
|_  Telnet server does not support encryption
80/tcp open  http    Allegro RomPager 4.07 UPnP/1.0 (ZyXEL ZyWALL 2)
| http-auth-finder:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=222.222.222.2
|   url                                       method
|_  http://222.222.222.2/login_security.html  FORM
|_http-cakephp-version: false
| http-comments-displayer:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=222.222.222.2
|     
|     Path: http://222.222.222.2/login_security.html
|     Line number: 41
|     Comment:
|         <!--
|         function doLoad(){
|         document.Login_Form.Login_Name.disabled = false;
|         document.Login_Form.Login_Pwd.disabled =false;
|         document.Login_Form.texttpLoginBtn.disabled = false;
|         if (window != top) top.location.href = location.href;
|         document.Login_Form.Login_Name.focus();
|         }
|         var key_flag = 0;
|         var hex_chr = "0123456789abcdef";
|         function rhex(num)
|         {
|         var str = "";
|         for(var j = 0; j <= 3; j++){
|         var num1=rightmove(num , (j * 8 + 4)) ;
|         var num2=and(num1,0x0f);
|         var num3=rightmove(num,j*8);
|         var num4=and(num3,0x0f);
|         str += hex_chr.charAt(num2) + hex_chr.charAt(num4);
|         }
|         return str;
|         }
|         function and(i,j)
|         {
|         var temi;
|         var temj;
|         var result;
|         if(i >= 0 && i < 0X80000000)
|         if(j >= 0 && j < 0X80000000)
|         return i&j;
|         if(i < 0 || i >= 0X80000000) {
|         if(j < 0 || j >= 0X80000000){
|         if(i < 0)
|         temi = i + 0x80000000;
|         else
|         temi = i - 0X80000000;
|         if(j < 0)
|         temj = j + 0x80000000;
|         else
|         temj = j - 0X80000000;
|         result = temi & temj;
|         result = result - 0X80000000;
|         return result;
|         }
|         }
|         if(i < 0 || i >= 0X80000000) {
|         if(i < 0)
|         temi = i + 0x80000000;
|         else
|         temi = i - 0X80000000;
|         result = temi & j;
|         return result;
|         }
|         if(j < 0 || j >= 0X80000000)   {
|         if(j < 0)
|         temj = j + 0x80000000;
|         else
|         temj = j - 0X80000000;
|         result = i & temj;
|         return result;
|         }
|         }
|         function reverse(num1)
|         {
|         var f=0;
|         if(num1>=0X80000000)
|         {
|         num1=num1-0X80000000;
|         f=(~num1);
|         f=f+0X80000000;
|         return f;
|         }
|         if(num1<0)
|         {
|         num1=num1+0X80000000;
|         f=(~num1);
|         f=f+0X80000000;
|         return f;
|         }
|         f=(~num1);
|         return f;
|         }
|         function or(i , j)
|         {
|         var temi;
|         var temj;
|         var result;
|         if(i >= 0 && i < 0X80000000)
|         if(j >= 0 && j < 0X80000000)
|         return i|j;
|         if(i < 0 || i >= 0X80000000) {
|         if(j < 0 || j >= 0X80000000){
|         if(i < 0)
|         temi = i + 0x80000000;
|         else
|         temi = i - 0X80000000;
|         if(j < 0)
|         temj = j + 0x80000000;
|         else
|         temj = j - 0X80000000;
|         result = temi | temj;
|         result = result - 0X80000000;
|         return result;
|         }
|         }
|         if(i < 0 || i >= 0X80000000) {
|         if(i < 0)
|         temi = i + 0x80000000;
|         else
|         temi = i - 0X80000000;
|         result = temi | j;
|         result = result - 0X80000000;
|         return result;
|         }
|         if(j < 0 || j >= 0X80000000)   {
|         if(j < 0)
|         temj = j + 0x80000000;
|         else
|         temj = j - 0X80000000;
|         result = i | temj;
|         result = result - 0X80000000;
|         return result;
|         }
|         }
|         function xor(i,j)
|         {
|         var temi;
|         var temj;
|         var result;
|         if(i >= 0 && i < 0X80000000)
|         if(j >= 0 && j < 0X80000000)
|         return i^j;
|         if(i < 0 || i >= 0X80000000) {
|         if(j < 0 || j >= 0X80000000)   {
|         if(i < 0)
|         temi = i + 0x80000000;
|         else
|         temi = i - 0X80000000;
|         if(j < 0)
|         temj = j + 0x80000000;
|         else
|         temj = j - 0X80000000;
|         result = temi ^ temj;
|         return result;
|         }
|         }
|         if(i < 0 || i >= 0X80000000) {
|         if(i < 0)
|         temi = i + 0x80000000;
|         else
|         temi = i - 0X80000000;
|         result = temi ^ j;
|         result = result + 0X80000000;
|         return result;
|         }
|         if(j < 0 || j >= 0X80000000){
|         if(j < 0)
|         temj = j + 0x80000000;
|         else
|         temj = j - 0X80000000;
|         result = i ^ temj;
|         result = result + 0X80000000;
|         return result;
|         }
|         }
|         function rightmove(num,i)
|         {
|         var result;
|         var temp=0x80000000;
|         if(num >= 0 && num < 0X80000000)   {
|         result = num >>i;
|         return result;
|         }
|         if(num < 0 || num >= 0X80000000) {
|         if(num < 0)
|         num = num + 0x80000000;
|         else
|         num = num - 0X80000000;
|         result = num >> i;
|         for(;i>0;i=i-1)
|         temp=temp/2;
|         result=temp+result;
|         return result;
|         }
|         }
|         function leftmove(num,i)
|         {
|         var result;
|         if(num >= 0 && num < 0X80000000){
|         result = num <<i;
|         return result;
|         }
|         if(num < 0 || num >= 0X80000000) {
|         if(num < 0)
|         num = num + 0x80000000;
|         else
|         num = num - 0X80000000
|         result = num << i;
|         return result;
|         }
|         }
|         function str2blks_MD5(str)
|         {
|         var nblk = ((str.length + 8) >> 6) + 1;
|         var blks = new Array(nblk * 16);
|         for(var i = 0; i < nblk * 16; i++) blks = 0;
|         for(i = 0; i < str.length; i++)
|         blks[i >> 2] |= str.charCodeAt(i) << ((i % 4) * 8);
|         blks[i >> 2] |= 0x80 << ((i % 4) * 8);
|         blks[nblk * 16 - 2] = str.length * 8;
|         return blks;
|         }
|         function add(x, y)
|         {
|         var num1=and(x,0x7FFFFFFF);
|         var num2=and(y,0x7FFFFFFF);
|         var num3=and(x,0x80000000);
|         var num4=and(y,0x80000000);
|         var num5=num1+num2;
|         var num6=xor(num5,num3);
|         var num=xor(num6,num4);
|         return num;
|         }
|         function rol(num, cnt)
|         {
|         var num1=leftmove(num,cnt);
|         var num2=rightmove(num,(32-cnt));
|         var num3=or(num1,num2);
|         return num3;
|         }
|         function cmn(q, a, b, x, s, t)
|         {
|         return add(rol(add(add(a, q), add(x, t)), s), b);
|         }
|         function ff(a, b, c, d, x, s, t)
|         {
|         var num1=and(b,c);
|         var num2=and(reverse(b),d);
|         var num3=or(num1,num2);
|         return cmn(num3, a, b, x, s, t);
|         }
|         function gg(a, b, c, d, x, s, t)
|         {
|         var num1=and(b,d);
|         var num2=and(c,reverse(d));
|         var num3=or(num1,num2);
|         return cmn(num3, a, b, x, s, t);
|         }
|         function hh(a, b, c, d, x, s, t)
|         {
|         var num1=xor(b,c);
|         var num2=xor(num1,d);
|         return cmn(num2, a, b, x, s, t);
|         }
|         function ii(a, b, c, d, x, s, t)
|         {
|         var num1=or(b,reverse(d));
|         var num2=xor(c,num1);
|         return cmn(num2, a, b, x, s, t);
|         }
|         function calcMD5(str)
|         {
|         var x = str2blks_MD5(str);
|         var a = 0x67452301;
|         var b = 0xEFCDAB89;
|         var c = 0x98BADCFE;
|         var d = 0x10325476;
|         for(var i = 0; i < x.length; i += 16)
|         {
|         var olda = a;
|         var oldb = b;
|         var oldc = c;
|         var oldd = d;
|         a = ff(a, b, c, d, x[i+ 0], 7 , 0xD76AA478);
|         d = ff(d, a, b, c, x[i+ 1], 12, 0xE8C7B756);
|         c = ff(c, d, a, b, x[i+ 2], 17, 0x242070DB);
|         b = ff(b, c, d, a, x[i+ 3], 22, 0xC1BDCEEE);
|         a = ff(a, b, c, d, x[i+ 4], 7 , 0xF57C0FAF);
|         d = ff(d, a, b, c, x[i+ 5], 12, 0x4787C62A);
|         c = ff(c, d, a, b, x[i+ 6], 17, 0xA8304613);
|         b = ff(b, c, d, a, x[i+ 7], 22, 0xFD469501);
|         a = ff(a, b, c, d, x[i+ 8], 7 , 0x698098D8);
|         d = ff(d, a, b, c, x[i+ 9], 12, 0x8B44F7AF);
|         c = ff(c, d, a, b, x[i+10], 17, 0xFFFF5BB1);
|         b = ff(b, c, d, a, x[i+11], 22, 0x895CD7BE);
|         a = ff(a, b, c, d, x[i+12], 7 , 0x6B901122);
|         d = ff(d, a, b, c, x[i+13], 12, 0xFD987193);
|         c = ff(c, d, a, b, x[i+14], 17, 0xA679438E);
|         b = ff(b, c, d, a, x[i+15], 22, 0x49B40821);
|         a = gg(a, b, c, d, x[i+ 1], 5 , 0xF61E2562);
|         d = gg(d, a, b, c, x[i+ 6], 9 , 0xC040B340);
|         c = gg(c, d, a, b, x[i+11], 14, 0x265E5A51);
|         b = gg(b, c, d, a, x[i+ 0], 20, 0xE9B6C7AA);
|         a = gg(a, b, c, d, x[i+ 5], 5 , 0xD62F105D);
|         d = gg(d, a, b, c, x[i+10], 9 , 0x02441453);
|         c = gg(c, d, a, b, x[i+15], 14, 0xD8A1E681);
|         b = gg(b, c, d, a, x[i+ 4], 20, 0xE7D3FBC8);
|         a = gg(a, b, c, d, x[i+ 9], 5 , 0x21E1CDE6);
|         d = gg(d, a, b, c, x[i+14], 9 , 0xC33707D6);
|         c = gg(c, d, a, b, x[i+ 3], 14, 0xF4D50D87);
|         b = gg(b, c, d, a, x[i+ 8], 20, 0x455A14ED);
|         a = gg(a, b, c, d, x[i+13], 5 , 0xA9E3E905);
|         d = gg(d, a, b, c, x[i+ 2], 9 , 0xFCEFA3F8);
|         c = gg(c, d, a, b, x[i+ 7], 14, 0x676F02D9);
|         b = gg(b, c, d, a, x[i+12], 20, 0x8D2A4C8A);
|         a = hh(a, b, c, d, x[i+ 5], 4 , 0xFFFA3942);
|         d = hh(d, a, b, c, x[i+ 8], 11, 0x8771F681);
|         c = hh(c, d, a, b, x[i+11], 16, 0x6D9D6122);
|         b = hh(b, c, d, a, x[i+14], 23, 0xFDE5380C);
|         a = hh(a, b, c, d, x[i+ 1], 4 , 0xA4BEEA44);
|         d = hh(d, a, b, c, x[i+ 4], 11, 0x4BDECFA9);
|         c = hh(c, d, a, b, x[i+ 7], 16, 0xF6BB4B60);
|         b = hh(b, c, d, a, x[i+10], 23, 0xBEBFBC70);
|         a = hh(a, b, c, d, x[i+13], 4 , 0x289B7EC6);
|         d = hh(d, a, b, c, x[i+ 0], 11, 0xEAA127FA);
|         c = hh(c, d, a, b, x[i+ 3], 16, 0xD4EF3085);
|         b = hh(b, c, d, a, x[i+ 6], 23, 0x04881D05);
|         a = hh(a, b, c, d, x[i+ 9], 4 , 0xD9D4D039);
|         d = hh(d, a, b, c, x[i+12], 11, 0xE6DB99E5);
|         c = hh(c, d, a, b, x[i+15], 16, 0x1FA27CF8);
|         b = hh(b, c, d, a, x[i+ 2], 23, 0xC4AC5665);
|         a = ii(a, b, c, d, x[i+ 0], 6 , 0xF4292244);
|         d = ii(d, a, b, c, x[i+ 7], 10, 0x432AFF97);
|         c = ii(c, d, a, b, x[i+14], 15, 0xAB9423A7);
|         b = ii(b, c, d, a, x[i+ 5], 21, 0xFC93A039);
|         a = ii(a, b, c, d, x[i+12], 6 , 0x655B59C3);
|         d = ii(d, a, b, c, x[i+ 3], 10, 0x8F0CCC92);
|         c = ii(c, d, a, b, x[i+10], 15, 0xFFEFF47D);
|         b = ii(b, c, d, a, x[i+ 1], 21, 0x85845DD1);
|         a = ii(a, b, c, d, x[i+ 8], 6 , 0x6FA87E4F);
|         d = ii(d, a, b, c, x[i+15], 10, 0xFE2CE6E0);
|         c = ii(c, d, a, b, x[i+ 6], 15, 0xA3014314);
|         b = ii(b, c, d, a, x[i+13], 21, 0x4E0811A1);
|         a = ii(a, b, c, d, x[i+ 4], 6 , 0xF7537E82);
|         d = ii(d, a, b, c, x[i+11], 10, 0xBD3AF235);
|         c = ii(c, d, a, b, x[i+ 2], 15, 0x2AD7D2BB);
|         b = ii(b, c, d, a, x[i+ 9], 21, 0xEB86D391);
|         a = add(a, olda);
|         b = add(b, oldb);
|         c = add(c, oldc);
|         d = add(d, oldd);
|         }
|         return rhex(a) + rhex(b) + rhex(c) + rhex(d);
|         }
|         function passwordMD5(str)
|         {
|         var MDstring = calcMD5(str);
|         return MDstring;
|         }
|         function LoginClick(loginUsername, loginPassword, hiddenUsername, hiddenPassword)
|         {
|         var usernameStr;
|         var passwordStr;
|         if (null == loginUsername || 0 == loginUsername.value.length)
|         {
|         alert ("Please input a username");
|         key_flag = 0;
|         return false;
|         }
|         if (null == loginPassword || 0 == loginPassword.value.length)
|         {
|         alert ("Please input a password");
|         key_flag = 0;
|         return false;
|         }
|         usernameStr = passwordMD5(loginUsername.value);
|         passwordStr = passwordMD5(loginPassword.value);
|         hiddenUsername.value = usernameStr;
|         hiddenPassword.value = passwordStr;
|         loginPassword.value = "Ha2S+eOKqmzA6nrlmTeh7w==";
|         return true;
|         }
|         function checkForm()
|         {
|         if(key_flag == 0){
|         key_flag = 1;
|         var loginUsername;
|         var loginPassword;
|         var hiddenUsername;
|         var hiddenPassword;
|         loginUsername = document.Login_Form.Login_Name;
|         loginPassword = document.Login_Form.Login_Pwd;
|         hiddenUsername = document.Login_Form.uiWebLoginhiddenUsername;
|         hiddenPassword = document.Login_Form.uiWebLoginhiddenPassword;
|         if ( LoginClick(loginUsername, loginPassword, hiddenUsername, hiddenPassword) )
|         {
|         document.Login_Form.submit();
|         return true;
|         }
|         else
|         return false;
|         }
|         }
|         function changeBorderColor(obj, val){
|         if(val == 1)
|         obj.style.borderColor = "#FF9933";else
|         obj.style.borderColor = "#E5E5E5";
|         }
|         function onHandleKeyPress(e)
|         {
|         var key = 0;
|         if ( window.event )
|         key = window.event.keyCode;
|         else if ( e )
|         key = e.which;
|         if ( key == 13 )
|         {
|         if (document.activeElement == null || (document.activeElement.id != 'LoginBtnID'))
|         return checkForm();
|         }
|         }
|         document.onkeypress = onHandleKeyPress;
|         //-->
|     
|     Path: http://222.222.222.2/login_security.html
|     Line number: 506
|     Comment:
|         <!-- RpZDT -->
|     
|     Path: http://222.222.222.2/login_security.html
|     Line number: 453
|     Comment:
|         
|_        //-->
|_http-date: Sun, 02 Jan 2000 12:39:15 GMT; -15y222d6h40m02s from local time.
|_http-default-accounts: [ERROR] HTTP request table is empty. This should not happen since we at least made one request.
|_http-google-malware: [ERROR] No API key found. Update the variable APIKEY in http-google-malware or set it in the argument http-google-malware.api
| http-grep:
|_  ERROR: Argument http-grep.match was not set
| http-headers:
|   Content-Type: text/html
|   Date: Sun, 02 Jan 2000 12:39:15 GMT
|   Pragma: no-cache
|   Expires: Thu, 26 Oct 1995 00:00:00 GMT
|   Transfer-Encoding: chunked
|   Server: RomPager/4.07 UPnP/1.0
|   Connection: close
|   EXT:
|   
|_  (Request type: GET)
| http-methods: GET HEAD POST PUT
| Potentially risky methods: PUT
|_See http://nmap.org/nsedoc/scripts/http-methods.html
| http-title: Site doesn't have a title (text/html).
|_Requested resource was http://222.222.222.2/login_security.html
| http-traceroute:
|_  Possible reverse proxy detected.
|_membase-http-info: false
|_riak-http-info: false
53/udp open  domain  NetWare dnsd
| dns-client-subnet-scan:
|_  ERROR: dns-client-subnet-scan.domain was not specified
|_dns-recursion: Recursion appears to be enabled
67/udp open  dhcps?
| dhcp-discover:
|   DHCP Message Type: DHCPACK
|   Subnet Mask: 255.255.255.0
|   Router: 222.222.222.2
|   Domain Name Server: 8.8.8.8, 8.8.4.4
|   Hostname: dhcppc0
|   Domain Name:
|_  Server Identifier: 222.222.222.2
MAC Address: 10:FE:ED:71:59:8A (Tp-link Technologies CO.)
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: webcam|router|WAP
Running (JUST GUESSING): D-Link embedded (97%), Linksys embedded (97%), Planet embedded (90%)
OS CPE: cpe:/h:dlink:dcs-6620g cpe:/h:linksys:befsr41 cpe:/h:planet:wap-1950
Aggressive OS guesses: D-Link DCS-6620G webcam or Linksys BEFSR41 EtherFast router (97%), D-Link DCS-3220 webcam (93%), Linksys BEFSR41 EtherFast router (90%), Planet WAP-1950 WAP (90%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop
Service Info: Host: TP-LINK

Host script results:
| asn-query:
| BGP: 222.222.0.0/15 | Country: CN
|   Origin AS: 4134 - CHINANET-BACKBONE No.31,Jin-rong Street,CN
|_    Peer AS: 174 1273 1299 2914 3257 3356 11164
| firewalk:
| HOP  HOST            PROTOCOL  BLOCKED PORTS
| 0    222.222.222.22  tcp       1,3-4,6-7,9,13,17,19-20
|_                     udp       2-3,7,9,13,17,19-22
|_hostmap-robtex:
| ip-geolocation-geoplugin:
| 222.222.222.2
|   coordinates (lat,lon): 39.889702,115.275002
|_  state: Hebei, China
|_ip-geolocation-maxmind: ERROR: Script execution failed (use -d to debug)
|_ipidseq: Unknown
| qscan:
| PORT  FAMILY  MEAN (us)  STDDEV  LOSS (%)
| 21    0       0.00       -0.00   100.0%
| 23    1       0.00       -0.00   100.0%
| 53    2       0.00       -0.00   100.0%
|_80    3       0.00       -0.00   100.0%
|_traceroute-geolocation: ERROR: Script execution failed (use -d to debug)
| whois: Record found at whois.apnic.net
| inetnum: 222.222.0.0 - 222.223.255.255
| netname: CHINANET-HE
| descr: CHINANET hebei province network
| country: CN
| person: Bin Ren
|_email: hostmaster@hbtele.com

TRACEROUTE
HOP RTT     ADDRESS
1   0.34 ms 222.222.222.2

NSE: Script Post-scanning.
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 4432.50 seconds
           Raw packets sent: 5229 (213.484KB) | Rcvd: 37 (2.782KB)





---------------------------------------------------------------------------------------------------------





Ahora el scan de mi pc 222.222.222.22


Starting Nmap 6.40 ( http://nmap.org ) at 2015-08-12 20:22 CEST
NSE: Loaded 227 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 20:22
NSE: mtrace: A source IP must be provided through fromip argument.
Completed NSE at 20:22, 10.04s elapsed
Pre-scan script results:
| broadcast-eigrp-discovery:
|_ ERROR: Couldn't get an A.S value.
| http-icloud-findmyiphone:
|_  ERROR: No username or password was supplied
| http-icloud-sendmsg:
|_  ERROR: No username or password was supplied
| targets-asn:
|_  targets-asn.asn is a mandatory parameter
Initiating Parallel DNS resolution of 1 host. at 20:22
Completed Parallel DNS resolution of 1 host. at 20:22, 0.51s elapsed
Initiating SYN Stealth Scan at 20:22
Scanning 222.222.222.22 [1000 ports]
Completed SYN Stealth Scan at 20:22, 1.99s elapsed (1000 total ports)
Initiating UDP Scan at 20:22
Scanning 222.222.222.22 [1000 ports]
adjust_timeouts2: packet supposedly had rtt of -100251 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100251 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100205 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100205 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100161 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100161 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100111 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100111 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100020 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100020 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103469 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103469 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103419 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103419 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103370 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103370 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103321 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103321 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103272 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103272 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103226 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103226 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103180 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103180 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103129 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103129 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103081 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103081 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103031 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103031 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102977 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102977 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102927 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102927 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102876 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102876 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102824 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102824 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102774 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102774 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102725 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102725 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102671 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102671 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102622 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102622 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102570 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102570 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102520 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102520 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102468 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102468 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102417 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102417 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102365 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102365 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102316 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102316 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102266 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102266 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102218 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102218 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102170 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102170 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102109 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102109 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102041 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102041 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101992 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101992 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101939 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101939 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101894 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101894 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101847 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101847 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101802 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101802 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101757 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101757 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101712 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101712 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101667 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101667 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101618 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101618 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101548 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101548 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100207 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100207 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100049 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -100049 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103431 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103431 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103380 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103380 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103330 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103330 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103280 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103280 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103230 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103230 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103179 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103179 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103129 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103129 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103078 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103078 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103028 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -103028 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102978 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102978 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102923 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102923 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102827 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102827 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102776 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102776 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102727 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102727 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102675 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102675 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102626 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102626 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102575 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102575 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102525 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102525 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102476 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102476 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102426 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102426 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102376 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102376 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102326 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102326 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102274 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102274 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102222 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102222 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102172 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102172 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102121 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102121 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102070 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102070 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102020 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -102020 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101968 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101968 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101917 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101917 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101868 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101868 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101817 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101817 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101758 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101758 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101708 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101708 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101654 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101654 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101575 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101575 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101522 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101522 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101410 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -101410 microseconds.  Ignoring time.
Completed UDP Scan at 20:22, 2.51s elapsed (1000 total ports)
Initiating Service scan at 20:22
Scanning 3 services on 222.222.222.22
Service scan Timing: About 33.33% done; ETC: 20:27 (0:02:46 remaining)
Completed Service scan at 20:24, 82.56s elapsed (3 services on 1 host)
Initiating OS detection (try #1) against 222.222.222.22
Retrying OS detection (try #2) against 222.222.222.22
NSE: Script scanning 222.222.222.22.
Initiating NSE at 20:24
sendto in send_ip_packet_sd: sendto(10, packet, 65536, 0, 222.222.222.22, 16) => Message too long
Offending packet: TCP 222.222.222.22:28998 > 222.222.222.22:1 S ttl=128 id=0 iplen=0  seq=154711931 win=3072 <mss 1460>
Completed NSE at 20:24, 30.55s elapsed
Nmap scan report for 222.222.222.22
Host is up (0.024s latency).
Not shown: 1997 closed ports
PORT     STATE         SERVICE  VERSION
68/udp   open|filtered dhcpc
631/udp  open|filtered ipp
5353/udp open|filtered zeroconf
Too many fingerprints match this host to give specific OS details
Network Distance: 0 hops

Host script results:
| asn-query:
| BGP: 222.222.0.0/15 | Country: CN
|   Origin AS: 4134 - CHINANET-BACKBONE No.31,Jin-rong Street,CN
|_    Peer AS: 174 1273 1299 2914 3257 3356 11164
|_hostmap-robtex:
| ip-geolocation-geoplugin:
| 222.222.222.22
|   coordinates (lat,lon): 39.889702,115.275002
|_  state: Hebei, China
|_ip-geolocation-maxmind: ERROR: Script execution failed (use -d to debug)
|_ipidseq: Unknown
|_path-mtu: 65535 <= PMTU < 65536
| whois: Record found at whois.apnic.net
| inetnum: 222.222.0.0 - 222.223.255.255
| netname: CHINANET-HE
| descr: CHINANET hebei province network
| country: CN
| person: Bin Ren
|_email: hostmaster@hbtele.com

NSE: Script Post-scanning.
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 131.93 seconds
           Raw packets sent: 2133 (144.268KB) | Rcvd: 4238 (181.876KB)




------------------------------------------------------------------------------------------------------------------

En mi pc me salen estos puertos abiertos, pero no puedo cerrarlos ni nada,y yo no los he abierto:

68/udp   open|filtered dhcpc
631/udp  open|filtered ipp
5353/udp open|filtered zeroconf


En el router me salen abiertos puertos que yo no he abierto:

53/udp open  domain  NetWare dnsd
67/udp open  dhcps?


Bueno, la verdad, no se muy bien como interpretar esto, podeis echarme una mano porfavor?

Un saludo.



En línea

Verse constantemente expuesto al peligro puede generar desprecio hacia él.
El que resiste, gana
Aníbal sabía como conseguir la victoria, pero no cómo utilizarla
"Houston, tenemos un problema": los detalles y curiosidades tras uno de los mensajes de alarma más famosos de la historia
https://amaltea.wordpress.com/2008/03/06/proverbios-y-refranes-grecolatinos/
engel lex
Moderador Global
***
Desconectado Desconectado

Mensajes: 15.514



Ver Perfil
Re: scan con zenmap de mi red
« Respuesta #1 en: 13 Agosto 2015, 20:51 pm »

si estableciste la ip manual, te dice que estás en china, porque la geolocalización por ip, es simplemente por tablas... es decir, simplemente hay una lista que dice "x ip pertenerce a z lugar"


En línea

El problema con la sociedad actualmente radica en que todos creen que tienen el derecho de tener una opinión, y que esa opinión sea validada por todos, cuando lo correcto es que todos tengan derecho a una opinión, siempre y cuando esa opinión pueda ser ignorada, cuestionada, e incluso ser sujeta a burla, particularmente cuando no tiene sentido alguno.
Hason


Desconectado Desconectado

Mensajes: 790


Keep calm and use the spiritual force


Ver Perfil WWW
Re: scan con zenmap de mi red
« Respuesta #2 en: 13 Agosto 2015, 21:08 pm »

OK, entiendo, por eso dependiendo de que ip interna pongo me sale en un sitio o en otro.

Entonces la ip a analizar con zenmap, sería mi ip pública, ¿no es así?

Si posteo el log de mi ip pública, puedo tener problemas no?me gustaría postearla, pero si acaso borro mi ip pública y puedo postearlo.

Con los puertos supongo que está algo mal, por que yo no lo tengo habilitado, pero trate de cerrarlos con un comando en linux, pero no se cierran.

Gracias un saludo.
En línea

Verse constantemente expuesto al peligro puede generar desprecio hacia él.
El que resiste, gana
Aníbal sabía como conseguir la victoria, pero no cómo utilizarla
"Houston, tenemos un problema": los detalles y curiosidades tras uno de los mensajes de alarma más famosos de la historia
https://amaltea.wordpress.com/2008/03/06/proverbios-y-refranes-grecolatinos/
Gh057


Desconectado Desconectado

Mensajes: 1.190



Ver Perfil
Re: scan con zenmap de mi red
« Respuesta #3 en: 13 Agosto 2015, 21:12 pm »

Hola, tienes un ordenador Apple? Me llaman la atención el puerto 68 y el 5353, son tanto para el inicio y  detección de impresoras, mensajería, compartir datos en red hogareña (entiendo por ejemplo para enviar streaming a un dispositivo móvil) etc etc

En sistemas gnu/linux el puerto 631 corresponde al servicio cups, que gestiona la impresión de forma remota. No debería estar habilitado por defecto, a menos que diariamente envíes impresiones... o lo hayas configurado adrede.
Depende la distro como puedes deshabilitarlo, puede ser con "sudo service cups stop" "sudo /etc/init.d/cupsd stop" tocando la configuracion del mismo en "/etc/init/cups.conf" etc ertc

Saludos

(agrego) en el router, lo más probable que tengas habilitadas las opciones del 4° conector rj-45 como voip, y ciertas "funcionalidades" dudosas de acceso remoto del mismo proveedor de internet; permite la gestión remota a cualqueir eventual problema. (Pero no olvides que viene con credenciales de fábrica...) Personalmente deshabilito todo, cualquier problema que no puedas arreglar, lo habilitas y llamas.
Veo el telnet habilitado... si tienes cambiado el user y pass de la configuración web no hay problema, pero si tienes para quitarlo, mejor. No miré mucho más, por si tienes ssh habilitado; si lo tienes (puerto 22) cambia la configuración  de logueo también.
« Última modificación: 13 Agosto 2015, 21:20 pm por Gh057 » En línea

4 d0nd3 1r4 3l gh057? l4 r3d 3s 74n v4s74 3 1nf1n1t4...
Hason


Desconectado Desconectado

Mensajes: 790


Keep calm and use the spiritual force


Ver Perfil WWW
Re: scan con zenmap de mi red
« Respuesta #4 en: 13 Agosto 2015, 23:16 pm »



Muchas gracias por contestar.
No tengo un mac, escribo desde un compak presario con la placa base corrupta ( un rootkit, bootkit bajo nivel).

Lo que comentas de:
 son tanto para el inicio y  detección de impresoras, mensajería, compartir datos en red hogareña (entiendo por ejemplo para enviar streaming a un dispositivo móvil) etc etc

Creo que es lo que me hace el personaje este, para ver todo lo que yo hago, no se sospecho.


El puerto cups de impresoras, no lo utilizo y no lo he habilitado yo, he probado de deshabilitarlo de todas las maneras y no se puede, he vuelto a pasar zenmap, y continua abierto.
Mira te pego el log de  /etc/init/cups.conf , en el que he cambiado valores de true a false, o yes a no:

  GNU nano 2.2.6                             File: /etc/init/cups.conf                                                               

# cups - CUPS Printing spooler and server

description     "CUPS printing spooler/server"
author          "Michael Sweet <msweet@apple.com>"

start on (filesystem
          and (started dbus or runlevel [2345]))
stop on runlevel [016]

respawn
respawn limit 3 12

pre-start script
    [ -x /usr/sbin/cupsd ]

    # load modules for parallel port support
    if [ -r /etc/default/cups ]; then
        . /etc/default/cups
    fi
    if [ "$LOAD_LP_MODULE" = "no" -a -f /usr/lib/cups/backend/parallel \
         -a -f /proc/modules -a -x /sbin/modprobe ]; then
        modprobe -q -b lp || false
        modprobe -q -b ppdev || false
        modprobe -q -b parport_pc || false
    fi
 mkdir -p /var/run/cups/certs
    if [ -x /lib/init/apparmor-profile-load ]; then
        /lib/init/apparmor-profile-load usr.sbin.cupsd
    fi
end script

exec /usr/sbin/cupsd -f

post-start script
    # wait until daemon is ready
    timeout=60
    while [ ! -e /var/run/cups/cups.sock ]; do
        sleep 0.5
        timeout=$((timeout-1))
 if [ "$timeout" -eq 0 ]; then
            echo "cupsd failed to create /var/run/cups/cups.sock, skipping automatic printer configuration" >&2
            exit 0
        fi
    done

    # coldplug USB printers
    if ! /lib/udev/udev-configure-printer enumerate 2>/dev/null; then
        if type udevadm > /dev/null 2>&1 && [ -x /lib/udev/udev-configure-printer ]; then
            for printer in `udevadm trigger --verbose --dry-run --subsystem-match=usb \
                    --attr-match=bInterfaceClass=07 --attr-match=bInterfaceSubClass=01 2>/dev/null || true; \
                            udevadm trigger --verbose --dry-run --subsystem-match=usb \
                    --sysname-match='lp[0-9]*' 2>/dev/null || false`; do
                /lib/udev/udev-configure-printer add "${printer#/sys}"
    done
        fi
    fi
end script



A todo esto que comentas, tenia montado un rollo raro con lvmdiskscan, tenía montadas LVM physical volumes en el pc, los discos duros y los usb, pero me lo pude quitar y no me lo puso más.



En el router, tengo abiertos los puertos 80, 23,21, que serán el de navegar el 80, el de telnet y el ftp, pero no puedo deshabilitarlos tampoco, no sale la opción.En otros routers que tengo si puedo cerrarlo, o podía creo recordar.

En routing en mi router, cada vez que reinicio, me sale por defecto, la dirección 192.168.144.1:Si no la borro, me puede putear mucho con la red...al borrarla mejora el asunto mucho.

# Dest IP Mask Gateway IP Metric Device Use Edit Drop
1 192.168.144.1 32 PVC0 1 poe0 0 ----------------------------------------esta es la entrada que debo borrar cada vez que reinicio.
2 222.222.222.0 24 222.222.222.2 1 enet0 7708
3 default 0 Node1 2 poe0 4550


el ssh creo que no está activado pero no se.
Entonces el problema está que tengo al craker dentro del controlador de red, con una configuración por defecto, y me pone la dirección 192.168.144.1 como mi gateway determinado, cuando yo le asigno el 222.222.222.2 , pero no puedo poner el mio, si pongo mi gateway determindado no puedo conectarme a internet, y no puedo repararlo desde mis pc por una historieta que ya conte...


Luego creo que tengo activado el multicast, que no se si es normal que esté activado por defecto.

Mira te pongo el log de zenmap de mi ip pública, pero tachando mi ip:


Starting Nmap 6.40 ( http://nmap.org ) at 2015-08-13 20:07 CEST
NSE: Loaded 227 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 20:07
NSE: mtrace: A source IP must be provided through fromip argument.
Completed NSE at 20:07, 10.48s elapsed
Pre-scan script results:
| broadcast-eigrp-discovery:
|_ ERROR: Couldn't get an A.S value.
| http-icloud-findmyiphone:
|_  ERROR: No username or password was supplied
| http-icloud-sendmsg:
|_  ERROR: No username or password was supplied
| targets-asn:
|_  targets-asn.asn is a mandatory parameter
Initiating Ping Scan at 20:07
Scanning ---------------- [7 ports]
Completed Ping Scan at 20:07, 0.51s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 20:07
Completed Parallel DNS resolution of 1 host. at 20:07, 0.13s elapsed
Initiating SYN Stealth Scan at 20:07
Scanning 17.Red---------.staticIP.rima-tde.net (---------) [1000 ports]
Discovered open port 21/tcp on -----------
adjust_timeouts2: packet supposedly had rtt of -97164 microseconds.  Ignoring time.
adjust_timeouts2: packet supposedly had rtt of -97164 microseconds.  Ignoring time.
Discovered open port 23/tcp on ------------
Discovered open port 80/tcp on ------------
Completed SYN Stealth Scan at 20:07, 14.05s elapsed (1000 total ports)
Initiating UDP Scan at 20:07
Scanning 17.Red---------.staticIP.rima-tde.net (----------) [1000 ports]
Completed UDP Scan at 20:07, 4.76s elapsed (1000 total ports)
Initiating Service scan at 20:07
Scanning 1003 services on 17.Red---------.staticIP.rima-tde.net (---------)
Service scan Timing: About 0.40% done
Service scan Timing: About 3.39% done; ETC: 21:28 (1:18:23 remaining)
Service scan Timing: About 6.38% done; ETC: 21:12 (1:00:24 remaining)
Service scan Timing: About 9.37% done; ETC: 21:06 (0:53:11 remaining)
Service scan Timing: About 12.36% done; ETC: 21:03 (0:48:48 remaining)
Service scan Timing: About 15.35% done; ETC: 21:01 (0:45:29 remaining)
Service scan Timing: About 20.84% done; ETC: 20:54 (0:36:55 remaining)
Service scan Timing: About 21.34% done; ETC: 20:59 (0:40:33 remaining)
Service scan Timing: About 26.72% done; ETC: 20:54 (0:34:11 remaining)
Service scan Timing: About 27.32% done; ETC: 20:58 (0:36:35 remaining)
Service scan Timing: About 32.70% done; ETC: 20:54 (0:31:19 remaining)
Service scan Timing: About 38.68% done; ETC: 20:54 (0:28:29 remaining)
Service scan Timing: About 44.67% done; ETC: 20:54 (0:25:40 remaining)
Service scan Timing: About 50.65% done; ETC: 20:54 (0:22:52 remaining)
Service scan Timing: About 56.63% done; ETC: 20:53 (0:20:05 remaining)
Service scan Timing: About 62.61% done; ETC: 20:53 (0:17:18 remaining)
Service scan Timing: About 68.59% done; ETC: 20:53 (0:14:31 remaining)
Service scan Timing: About 74.58% done; ETC: 20:53 (0:11:45 remaining)
Service scan Timing: About 80.56% done; ETC: 20:53 (0:08:59 remaining)
Service scan Timing: About 86.04% done; ETC: 20:54 (0:06:29 remaining)
Service scan Timing: About 92.02% done; ETC: 20:54 (0:03:42 remaining)
Service scan Timing: About 98.01% done; ETC: 20:54 (0:00:56 remaining)
Completed Service scan at 20:54, 2806.67s elapsed (1003 services on 1 host)
Initiating OS detection (try #1) against 17.Red---------.staticIP.rima-tde.net (-----------)
Retrying OS detection (try #2) against 17.Red-88-27-46.staticIP.rima-tde.net (-----------)
Initiating Traceroute at 20:54
Completed Traceroute at 20:54, 0.02s elapsed
NSE: Script scanning -----------.
Initiating NSE at 20:54
NSE Timing: About 1.48% done; ETC: 21:29 (0:34:27 remaining)
NSE Timing: About 3.75% done; ETC: 21:21 (0:26:04 remaining)
NSE Timing: About 7.32% done; ETC: 21:16 (0:19:50 remaining)
NSE Timing: About 9.38% done; ETC: 21:17 (0:20:56 remaining)
NSE Timing: About 11.66% done; ETC: 21:19 (0:22:06 remaining)
NSE Timing: About 15.12% done; ETC: 21:18 (0:20:01 remaining)
NSE Timing: About 23.13% done; ETC: 21:19 (0:18:40 remaining)
NSE Timing: About 27.78% done; ETC: 21:18 (0:17:20 remaining)
NSE Timing: About 33.82% done; ETC: 21:19 (0:16:05 remaining)
NSE Timing: About 38.15% done; ETC: 21:18 (0:14:52 remaining)
NSE Timing: About 43.96% done; ETC: 21:19 (0:13:36 remaining)
NSE Timing: About 49.77% done; ETC: 21:19 (0:12:17 remaining)
NSE Timing: About 54.86% done; ETC: 21:18 (0:10:53 remaining)
NSE Timing: About 60.40% done; ETC: 21:19 (0:09:39 remaining)
NSE Timing: About 65.85% done; ETC: 21:19 (0:08:23 remaining)
NSE Timing: About 70.84% done; ETC: 21:19 (0:07:08 remaining)
NSE Timing: About 76.75% done; ETC: 21:19 (0:05:41 remaining)
NSE Timing: About 81.93% done; ETC: 21:19 (0:04:28 remaining)
NSE Timing: About 86.92% done; ETC: 21:19 (0:03:13 remaining)
NSE Timing: About 92.19% done; ETC: 21:19 (0:01:56 remaining)
NSE Timing: About 97.18% done; ETC: 21:19 (0:00:42 remaining)
Completed NSE at 21:19, 1485.22s elapsed
Initiating NSE at 21:19
NSE Timing: About 33.33% done; ETC: 21:21 (0:01:02 remaining)
NSE Timing: About 66.67% done; ETC: 21:21 (0:00:30 remaining)
Completed NSE at 21:21, 90.00s elapsed
Nmap scan report for 17.Red---------.staticIP.rima-tde.net (--------)
Host is up (0.0025s latency).
Not shown: 1000 open|filtered ports, 997 filtered ports
PORT   STATE SERVICE VERSION
21/tcp open  ftp?
|_banner: 220 TP-LINK FTP version 1.0 ready at Sat Jan  1 01:27:49 2000
23/tcp open  telnet?
|_banner: \xFF\xFB\x03\xFF\xFB\x01\x0D\x0APassword:
| telnet-encryption:
|_  Telnet server does not support encryption
80/tcp open  http    Allegro RomPager 4.07 UPnP/1.0 (ZyXEL ZyWALL 2)
|_http-cakephp-version: false
|_http-comments-displayer: Couldn't find any comments.
|_http-default-accounts: false
|_http-google-malware: [ERROR] No API key found. Update the variable APIKEY in http-google-malware or set it in the argument http-google-malware.api
| http-grep:
|_  ERROR: Argument http-grep.match was not set
| http-headers:
|   Location: http://17.Red----------.staticIP.rima-tde.net/login_security.html
|   Content-Length: 0
|   Server: RomPager/4.07 UPnP/1.0
|   Connection: close
|   EXT:
|   
|_  (Request type: GET)
| http-methods: GET HEAD POST PUT
| Potentially risky methods: PUT
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Did not follow redirect to http://17.Red---------.staticIP.rima-tde.net/login_security.html
| http-traceroute:
|_  Possible reverse proxy detected.
|_membase-http-info: false
|_riak-http-info: false
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: webcam|router|proxy server|switch|WAP
Running (JUST GUESSING): D-Link embedded (96%), Linksys embedded (96%), Adtran embedded (88%), Eicon embedded (88%), HP embedded (88%), Huawei embedded (88%), Planet embedded (88%)
OS CPE: cpe:/h:dlink:dcs-6620g cpe:/h:linksys:befsr41 cpe:/h:adtran:netvanta_1224r cpe:/h:hp:procurve_7102dl cpe:/h:huawei:quidway_s5600 cpe:/h:planet:wap-1950
Aggressive OS guesses: D-Link DCS-6620G webcam or Linksys BEFSR41 EtherFast router (96%), D-Link DCS-3220 webcam (93%), Adtran NetVanta 1224R router (88%), Eicon Shiva VPN gateway (88%), HP ProCurve Secure Router 7102dl (88%), Huawei Quidway S5600 switch (88%), Linksys BEFSR41 EtherFast router (88%), Planet WAP-1950 WAP (88%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop

Host script results:
| asn-query:
| BGP: 88.27.0.0/16 | Country: ES
|   Origin AS: 3352 - TELEFONICA_DE_ESPANA TELEFONICA DE ESPANA,ES
|_    Peer AS: 8928 12956
| firewalk:
| HOP  HOST            PROTOCOL  BLOCKED PORTS
| 0    222.222.222.22  tcp       1,3-4,6-7,9,13,17,19-20
|_                     udp       2-3,7,9,13,17,19-22
|_hostmap-robtex:
| ip-geolocation-geoplugin:
| --------------
|   coordinates (lat,lon): 28.4853,-16.320101
|_  state: Canary Islands, Spain
|_ip-geolocation-maxmind: ERROR: Script execution failed (use -d to debug)
|_ipidseq: Unknown
| qscan:
| PORT  FAMILY  MEAN (us)  STDDEV  LOSS (%)
| 21    0       0.00       -0.00   100.0%
| 23    1       0.00       -0.00   100.0%
|_80    2       665.00     -nan    90.0%
|_traceroute-geolocation: ERROR: Script execution failed (use -d to debug)
| whois: Record found at whois.ripe.net
| inetnum: ----.0.0 - -----.255.255
| netname: RIMA
| descr: Telefonica de Espana SAU (NCC#2007050901) Red de servicios IP Spain
| country: ES
| role: Administradores Telefonica de Espana
|_email: adminis.ripe@telefonica.com

TRACEROUTE (using port 80/tcp)
HOP RTT     ADDRESS
1   2.88 ms 17.Red--------.staticIP.rima-tde.net (--------)

NSE: Script Post-scanning.
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 4431.19 seconds
           Raw packets sent: 5243 (214.798KB) | Rcvd: 37 (1.608KB)


Vamos , que me tiene liada una que para que....

Un saludo y muchas gracias.
           





En línea

Verse constantemente expuesto al peligro puede generar desprecio hacia él.
El que resiste, gana
Aníbal sabía como conseguir la victoria, pero no cómo utilizarla
"Houston, tenemos un problema": los detalles y curiosidades tras uno de los mensajes de alarma más famosos de la historia
https://amaltea.wordpress.com/2008/03/06/proverbios-y-refranes-grecolatinos/
Hason


Desconectado Desconectado

Mensajes: 790


Keep calm and use the spiritual force


Ver Perfil WWW
Re: scan con zenmap de mi red
« Respuesta #5 en: 15 Agosto 2015, 11:29 am »

Voy a intentar subir las imágenes de las capturas de wireshark con las mac atacantes y más información sobre lo que estoy sufriendo, haber si puedo subirlas ahora, gracias a la explicación de simorg.

Pongo los enlaces , he subido las imagenes con postimage, creo que ahora si que se verán, en varias capturas se ve claramente que tengo la mac duplicada:

http://postimg.org/image/9r3w8w60t/

http://postimg.org/image/tjanlx6yl/

http://postimg.org/image/4skz83rlp/

http://postimg.org/image/a59tm8fi5/

http://postimg.org/image/ktdkl2ph9/
En línea

Verse constantemente expuesto al peligro puede generar desprecio hacia él.
El que resiste, gana
Aníbal sabía como conseguir la victoria, pero no cómo utilizarla
"Houston, tenemos un problema": los detalles y curiosidades tras uno de los mensajes de alarma más famosos de la historia
https://amaltea.wordpress.com/2008/03/06/proverbios-y-refranes-grecolatinos/
Páginas: [1] Ir Arriba Respuesta Imprimir 

Ir a:  

Mensajes similares
Asunto Iniciado por Respuestas Vistas Último mensaje
Es posible Zenmap des USB Stick?
Hacking
Dark|o2 0 2,613 Último mensaje 7 Diciembre 2009, 01:37 am
por Dark|o2
Analise con Zenmap pero no veo nada interesante..
Bugs y Exploits
$Edu$ 5 5,039 Último mensaje 24 Febrero 2012, 15:45 pm
por $Edu$
iconos en zenmap
Hacking Wireless
kamykaze 0 3,772 Último mensaje 13 Mayo 2013, 03:58 am
por kamykaze
Zenmap no abre.
Hacking
kirkman 7 6,368 Último mensaje 17 Diciembre 2020, 14:17 pm
por WHK
WAP2 - Aviso Legal - Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines