Felipe da Fonseca Silva Couto

Maria Aparecida da Silva Belo

Sillas de Sousa Bonfim

REDES E SEGURANA DE SISTEMAS

Atividade de Grupo n 4/ 2 _2016

Braslia DF
2016
1. Resultado

Starting Nmap 7.31 ( https://nmap.org )

Nmap scan report for 192.168.0.1
Host is up (0.0096s latency).
Not shown: 989 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http lighttpd 1.4.26
|_http-title: Site doesn't have a title (text/html).
139/tcp closed netbios-ssn
256/tcp closed fw1-secureremote
443/tcp open ssl/http lighttpd 1.4.26
|_http-title: Site doesn't have a title (text/html).
| ssl-cert: Subject: organizationName=Mini Webservice Ltd/stateOrProvinceName=Some-
State/countryName=AT
| Not valid before: 2009-07-13T08:13:08
|_Not valid after: 2010-07-13T08:13:08
587/tcp closed submission
993/tcp closed imaps
1025/tcp closed NFS-or-IIS
1723/tcp closed pptp
1900/tcp closed upnp
5900/tcp closed vnc
8080/tcp open http lighttpd 1.4.26
|_http-title: Site doesn't have a title (text/html).
MAC Address: 00:1D:D5:E3:D9:B1 (Arris Group)
Device type: broadband router
Running: Arris embedded
OS details: Arris TG862G/CT cable modem
Network Distance: 1 hop

TRACEROUTE
HOP RTT ADDRESS
1 9.60 ms 192.168.0.1

OS and Service detection performed. Please report any incorrect results at

https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 41.42 seconds

-----------------------------------------------------------------------------

Starting Nmap 7.31 ( https://nmap.org )

Nmap scan report for insecure.org (45.33.49.119)
Host is up (0.17s latency).
Other addresses for insecure.org (not scanned): 2600:3c01::f03c:91ff:fe98:ff4e
rDNS record for 45.33.49.119: ack.nmap.org
Not shown: 96 filtered ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 6.6.1 (protocol 2.0)
| ssh-hostkey:
| 2048 48:e0:c6:cd:14:00:00:db:b6:b0:3d:f2:0a:2a:3b:6d (RSA)
|_ 256 88:2b:29:00:d0:c7:81:ac:dd:f4:90:42:d2:aa:f0:5b (ECDSA)
80/tcp open http Apache httpd 2.4.6
| http-methods:
|_ Potentially risky methods: TRACE
|_http-server-header: Apache/2.4.6 (CentOS)
|_http-title: Insecure.Org - Nmap Free Security Scanner, Tools & Hacking res...
113/tcp closed ident
443/tcp open ssl/http Apache httpd 2.4.6 ((CentOS))
| http-robots.txt: 4 disallowed entries
| /favicon/tiles/ /favicon/dim/ /favicon/dim-nogzip/
|_/mailman/
|_http-server-header: Apache/2.4.6 (CentOS)
| http-title: Nmap: the Network Mapper - Free Security Scanner
|_Requested resource was https://nmap.org/
| ssl-cert: Subject: commonName=www.nmap.org
| Subject Alternative Name: DNS:www.nmap.org, DNS:nmap.org
| Not valid before: 2015-01-17T14:41:49
|_Not valid after: 2019-01-19T20:29:20
|_ssl-date: 2016-11-17T01:02:04+00:00; -2s from scanner time.
Device type: general purpose|storage-misc|phone|broadband router|WAP
Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (98%), HP embedded (91%), Google
Android 5.X (91%), Linksys embedded (90%)
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel:2.6
cpe:/h:hp:p2000_g3 cpe:/o:google:android:5 cpe:/o:linux:linux_kernel cpe:/h:linksys:ea3500
Aggressive OS guesses: Linux 3.16 - 3.19 (98%), Linux 3.10 - 4.1 (97%), Linux 3.2 - 4.4 (96%),
Linux 4.4 (95%), Linux 2.6.26 - 2.6.35 (95%), Linux 2.6.32 - 3.13 (95%), Linux 3.13 (94%),
Linux 2.6.23 - 2.6.38 (93%), Linux 3.2 - 3.8 (93%), Linux 3.18 (92%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 13 hops

Host script results:

|_clock-skew: mean: -2s, deviation: 1d-1h-1m-1s, median: -2s

TRACEROUTE (using port 113/tcp)

HOP RTT ADDRESS
1 17.00 ms 192.168.0.1
2 29.00 ms 10.33.128.1
3 26.00 ms bb7afe0a.virtua.com.br (187.122.254.10)
4 25.00 ms embratel-G0-0-1-iacc01.blm.embratel.net.br (200.179.157.17)
5 31.00 ms ebt-T0-5-5-0-21-tcore01.blm.embratel.net.br (200.230.246.35)
6 177.00 ms ebt-T0-12-0-4-tcore01.bsa.embratel.net.br (200.244.213.255)
7 170.00 ms ebt-BP16111-intl01.nyk.embratel.net.br (200.230.220.178)
8 195.00 ms 10gigabitethernet2-2.core1.ash1.he.net (206.126.236.37)
9 212.00 ms 100ge7-2.core1.pao1.he.net (184.105.222.41)
10 208.00 ms 10ge4-4.core3.fmt2.he.net (184.105.222.89)
11 ...
12 211.00 ms 173.230.159.3
13 215.00 ms ack.nmap.org (45.33.49.119)

Post-scan script results:

| clock-skew:
|_ -2s: Majority of systems scanned
OS and Service detection performed. Please report any incorrect results at
https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 55.76 seconds

----------------------------------------------------------------------------

tarting Nmap 7.31 ( https://nmap.org )

Nmap scan report for 192.168.0.1
Host is up (0.0033s latency).
Not shown: 99 filtered ports
PORT STATE SERVICE VERSION
1433/tcp closed ms-sql-s
MAC Address: 00:1D:D5:E3:D9:B1 (Arris Group)
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop

TRACEROUTE
HOP RTT ADDRESS
1 3.28 ms 192.168.0.1

OS and Service detection performed. Please report any incorrect results at

https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.16 seconds

2. Concluso
Atraves da anlise dos resultados apresentados e do estudo das unidades o grupo pde concluir
que a camada humana essencial para a segurana da informao, ainda que por muitos
negligenciada. Ou como nos sugere o autor Adachi, essa camada forma-se por todos os recursos
humanos presentes na organizao, principalmente os que possuem acesso aos recursos de TI,
seja para manuteno ou uso. Das trs camadas, esta a mais difcil de se avaliar os riscos e
gerenciar a segurana, pois envolve o fator humano, com caractersticas psicolgicas, scio-
culturais e emocionais, que variam de forma individual (SCHNEIER, 2001). Dessa forma, a
segurana da informao envolve mais do que apenas hardware e software, envolve tambm os
recursos humanos. Desta maneira, essencial a implementao de polticas de segurana e a
conscientizao dos usurios como estratgia para se controlar a segurana dessa camada
especificamente. Espero ter contribudo com os colegas
Especificamente sobre a anlise da varredura:
Os nmeros apresentados so das portas da maquina virtual, endereo fornecido e localhost (989,
96 e 99 portas a serem analisadas respectivamente), notando-se ainda preponderncia nas sadas
de pacote atraves do protocolo TCP. Por sua vez podemos ainda ver a presena das postas de
sada e pelas entrdas definidas pelo protocolo de comunicao de dados http.
Durante a ultima fase das anlises observamos ainda o traceroute que aparece como uma
ferramenta para mostrar o caminho para um servidor remoto, como o caso do endereo de
varredura selecionado ou do localhost indicado.
Por fim o nmap apresenta-se como um ferramenta de segurana usada para detectar
computadores e servios numa rede, criando um mapa dessa mesma rede rede, utilizando para
isso inumeras tecnicas de deteco como tivemos a oportunidade de observar durante a
disciplina.

Referencias Bibliogrficas

1. ADACHI, Tomi. Gesto de Segurana em Internet Banking - So Paulo: FGV, 2004. 121p.
Mestrado. Fundao Getlio Vargas - Administrao. Orientador: Eduardo Henrique Diniz.

2. SCHNEIER, Bruce. Segurana.com: segredos e mentiras sobre a proteo na vida digital - Rio
de Janeiro: Campus, 2001.