El comando PING sirve para verificar la conectividad de IP. Cuando esté resolviendo problemas, puede usar ping para enviar una solicitud de eco ICMP a un nombre de host de destino o a una dirección IP. Use ping siempre que necesite comprobar que un equipo host puede conectarse a la red TCP/IP y a los recursos de red. También puede usar ping para aislar problemas de hardware de red y configuraciones incompatibles.
Nota: Los dominios de ejemplo son utilizados con fines academicos para ejemplificar el funcionamiento de las herramientas citadas en este apartado sin causar ningun daño a los mismos.
Ejemplo:
ping www.nur.edu
Haciendo ping a www.nur.edu [66.147.244.249] con 32 bytes de datos:
Respuesta desde 66.147.244.249: bytes=32 tiempo=195ms TTL=40
Respuesta desde 66.147.244.249: bytes=32 tiempo=429ms TTL=40
Respuesta desde 66.147.244.249: bytes=32 tiempo=376ms TTL=40
Respuesta desde 66.147.244.249: bytes=32 tiempo=276ms TTL=40
Estadísticas de ping para 66.147.244.249:
Paquetes: enviados = 4, recibidos = 4, perdidos = 0
(0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
Mínimo = 195ms, Máximo = 429ms, Media = 319ms
WHOIS es un servicio proporcionado por InterNIC que proporciona información sobre los dominios de segundo nivel, incluidas direcciones de correo electrónico del contacto, direcciones postales y números de teléfono de las personas que se han registrado con InterNIC. WHOIS también puede ayudar a determinar si un nombre de dominio ya está en uso, que puede ser útil para los administradores del sitio nuevo.
WHOIS puede tener acceso mediante clientes WHOIS, sesiones de telnet interactivo, correo electrónico y el World Wide Web. La base de datos de InterNIC proporciona información acerca de COM, .EDU,. NET, .ORG y .GOV dominios.
Ejemplo:
whois www.nur.edu
Domain Name NUR.EDU
Registrant:
Universidad Nur
Av. Cristo Redentor # 100
Santa Cruz de la Sierra, SC 3273
BOLIVIA
Administrative Contact:
Abbas Rezvani
Rector Financiero
Universidad Nur
Av. Cristo Redentor # 100
Santa Cruz, SC 3273
BOLIVIA
591-3-363939
arezvani@nur.edu
Technical Contact:
Julio Cesar Porcel
Universidad Nur
Av. Cristo Redentor # 100
Santa Cruz, SC 3273
BOLIVIA
591-3-425212
jcesar@nur.edu
Name Servers:
UNINUR.NUR.EDU 200.87.196.2
CNA.NUR.EDU 200.87.196.3
Domain record activated 24-Oct-1996
Domain record last updated 02-Aug-2011
Domain expires 31-Jul-2016
Nmap (de Network Mapper) es una utilidad de software libre para explorar, administrar y auditar la seguridad de redes de ordenadores. Detecta hosts online, sus puertos abiertos, servicios y aplicaciones corriendo en ellos, su sistema operativo, que firwalls/filtros corren en una red y de que tipo son. Es excelente para hacer trabajos de auditoria de res y fue diseñado para llevar acabo escaneos rápidos en una gran cantidad de redes, pero es igualmente usable en hosts individuales. Es reconocido como el scanner de puertos mas poderoso. Y se lo usa basicamente para 3 cosas:
Auditorias de seguridad.
Pruebas rutinarias de redes.
Recolector de informacion para futuros ataques. (hackers)
Nmap es software libre y por lo tanto gratuito. Y basicamente existe una version para cada sistema operativo que conozcas: MacOSX, Microsoft Windows, GNU/Linux, OpenBSD, Solaris, etc.
Ejemplo:
nmap -T4 -A -v www.nur.edu
Starting Nmap 6.47 ( http://nmap.org ) at 2015-09-29 16:49 Hora estándar oeste, Sudamérica
NSE: Loaded 118 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Ping Scan at 16:49
Scanning www.nur.edu (66.147.244.249) [4 ports]
Completed Ping Scan at 16:49, 0.14s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 16:49
Completed Parallel DNS resolution of 1 host. at 16:49, 4.25s elapsed
Initiating SYN Stealth Scan at 16:49
Scanning www.nur.edu (66.147.244.249) [1000 ports]
------------------
Completed SYN Stealth Scan at 16:50, 28.23s elapsed (1000 total ports)
Initiating Service scan at 16:50
Scanning 12 services on www.nur.edu (66.147.244.249)
Completed Service scan at 16:52, 146.24s elapsed (12 services on 1 host)
Initiating OS detection (try #1) against www.nur.edu (66.147.244.249)
Retrying OS detection (try #2) against www.nur.edu (66.147.244.249)
Initiating Traceroute at 16:53
Completed Traceroute at 16:53, 3.13s elapsed
Initiating Parallel DNS resolution of 3 hosts. at 16:53
Completed Parallel DNS resolution of 3 hosts. at 16:53, 0.01s elapsed
NSE: Script scanning 66.147.244.249.
Initiating NSE at 16:53
Completed NSE at 16:56, 179.05s elapsed
Nmap scan report for www.nur.edu (66.147.244.249)
Host is up (0.029s latency).
rDNS record for 66.147.244.249: box749.bluehost.com
Not shown: 987 filtered ports
PORT STATE SERVICE VERSION
21/tcp open ftp Pure-FTPd
| ssl-cert: Subject: commonName=*.bluehost.com
| Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2015-03-13T00:00:00+00:00
| Not valid after: 2018-03-12T23:59:59+00:00
| MD5: 34af d936 0c31 2adb d4f3 7068 5bdb 92e3
|_SHA-1: 6b1e dfa2 ed15 058c a8f8 cd41 561c 3b20 e149 8c0c
22/tcp open ssh OpenSSH 5.3 (protocol 2.0)
| ssh-hostkey:
| 1024 b6:00:e3:71:8c:a3:4e:e4:8b:9a:b5:c2:68:86:de:82 (DSA)
|_ 2048 56:7b:96:50:57:7c:3d:e2:21:1d:3c:a2:24:08:58:16 (RSA)
25/tcp open smtp?
| smtp-commands: box749.bluehost.com Hello www.nur.edu [200.87.25.186], SIZE 52428800, 8BITMIME, AUTH PLAIN LOGIN, XXXXXXXA, XXXB,
|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
26/tcp open smtp Exim smtpd 4.84
| smtp-commands: box749.bluehost.com Hello www.nur.edu [200.87.25.186], SIZE 52428800, 8BITMIME, AUTH PLAIN LOGIN, STARTTLS, HELP,
|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
|_ssl-date: 2015-09-29T20:53:24+00:00; -1s from local time.
80/tcp open http Apache httpd
|_http-favicon: Unknown favicon MD5: 629CCC774AED95B2C6BEC91151F7292D
| http-robots.txt: 1 disallowed entry
|_/wp-admin/
110/tcp open pop3 Dovecot pop3d
|_pop3-capabilities: RESP-CODES TOP SASL(PLAIN LOGIN) STLS CAPA AUTH-RESP-CODE UIDL PIPELINING USER
113/tcp closed ident
143/tcp open imap Dovecot imapd
|_imap-capabilities: capabilities AUTH=LOGINA0001 LITERAL+ more ENABLE Pre-login post-login have listed ID STARTTLS IDLE SASL-IR LOGIN-REFERRALS AUTH=PLAIN IMAP4rev1 OK
443/tcp open ssl/http Apache httpd
|_http-methods: OPTIONS GET HEAD POST
| http-robots.txt: 1 disallowed entry
|_/
|_http-title: 400 Bad Request
| ssl-cert: Subject: commonName=*.bluehost.com
| Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2015-03-13T00:00:00+00:00
| Not valid after: 2018-03-12T23:59:59+00:00
| MD5: 34af d936 0c31 2adb d4f3 7068 5bdb 92e3
|_SHA-1: 6b1e dfa2 ed15 058c a8f8 cd41 561c 3b20 e149 8c0c
| sslv2:
| SSLv2 supported
|_ ciphers: none
465/tcp open ssl/smtp Exim smtpd 4.84
|_smtp-commands: Couldn't establish connection on port 465
| ssl-cert: Subject: commonName=*.bluehost.com
| Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2015-03-13T00:00:00+00:00
| Not valid after: 2018-03-12T23:59:59+00:00
| MD5: 34af d936 0c31 2adb d4f3 7068 5bdb 92e3
|_SHA-1: 6b1e dfa2 ed15 058c a8f8 cd41 561c 3b20 e149 8c0c
587/tcp open smtp Exim smtpd 4.84
| smtp-commands: box749.bluehost.com Hello www.nur.edu [200.87.25.186], SIZE 52428800, 8BITMIME, AUTH PLAIN LOGIN, STARTTLS, HELP,
|_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA NOOP QUIT RSET HELP
| ssl-cert: Subject: commonName=*.bluehost.com
| Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2015-03-13T00:00:00+00:00
| Not valid after: 2018-03-12T23:59:59+00:00
| MD5: 34af d936 0c31 2adb d4f3 7068 5bdb 92e3
|_SHA-1: 6b1e dfa2 ed15 058c a8f8 cd41 561c 3b20 e149 8c0c
|_ssl-date: 2015-09-29T20:53:19+00:00; 0s from local time.
993/tcp open ssl/imap Dovecot imapd
|_imap-capabilities: ID listed have LOGIN-REFERRALS AUTH=LOGINA0001 IDLE LITERAL+ more ENABLE Pre-login capabilities SASL-IR post-login AUTH=PLAIN IMAP4rev1 OK
| ssl-cert: Subject: commonName=*.bluehost.com
| Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2015-03-13T00:00:00+00:00
| Not valid after: 2018-03-12T23:59:59+00:00
| MD5: 34af d936 0c31 2adb d4f3 7068 5bdb 92e3
|_SHA-1: 6b1e dfa2 ed15 058c a8f8 cd41 561c 3b20 e149 8c0c
995/tcp open pop3s?
|_pop3-capabilities: RESP-CODES TOP USER SASL(PLAIN LOGIN) AUTH-RESP-CODE UIDL PIPELINING CAPA
| ssl-cert: Subject: commonName=*.bluehost.com
| Issuer: commonName=COMODO RSA Domain Validation Secure Server CA/organizationName=COMODO CA Limited/stateOrProvinceName=Greater Manchester/countryName=GB
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2015-03-13T00:00:00+00:00
| Not valid after: 2018-03-12T23:59:59+00:00
| MD5: 34af d936 0c31 2adb d4f3 7068 5bdb 92e3
|_SHA-1: 6b1e dfa2 ed15 058c a8f8 cd41 561c 3b20 e149 8c0c
2 services unrecognized despite returning data. If you know the service/version, please submit the following fingerprints at http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port995-TCP:V=6.47%I=7%D=9/29%Time=560AF9AC%P=i686-pc-windows-windows%r
SF:(SSLSessionReq,E,"\x15\x03\0\0\x02\x02\(\x15\x03\0\0\x02\x02\(");
Device type: general purpose|storage-misc|WAP|firewall|load balancer
Running (JUST GUESSING): Linux 2.6.X (95%), Netgear Linux 2.6.X (92%), Ubiquiti Linux 2.6.X (89%), Linksys embedded (89%), Cisco embedded (88%), F5 Networks embedded (86%), Asus embedded (86%), F5 Networks TMOS 11.1.X (85%)
OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:netgear:linux_kernel:2.6 cpe:/o:ubiquiti:linux_kernel:2.6 cpe:/h:linksys:befw11s4 cpe:/h:cisco:ips_4270 cpe:/h:asus:rt-53n cpe:/o:f5:tmos:11.1
Aggressive OS guesses: Linux 2.6.32 (95%), Netgear ReadyNAS 3200 NAS device (Linux 2.6) (92%), Linux 2.6.11 - 2.6.18 (89%), Ubiquiti WAP (Linux 2.6.32) (89%), Linksys BEFW11S4 WAP (89%), Cisco IPS 4270 intrusion prevention system (88%), F5 BIG-IP load balancer (86%), Asus RT-53N WAP (86%), F5 3600 LTM load balancer (85%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 59.902 days (since Fri Jul 31 19:16:33 2015)
Network Distance: 4 hops
TCP Sequence Prediction: Difficulty=261 (Good luck!)
IP ID Sequence Generation: All zeros
TRACEROUTE (using port 80/tcp)
HOP RTT ADDRESS
1 1.00 ms 10.61.101.1
2 ...
3 2.00 ms 10.61.99.1
4 1.00 ms box749.bluehost.com (66.147.244.249)
NSE: Script Post-scanning.
Initiating NSE at 16:56
Completed NSE at 16:56, 0.00s elapsed
Read data files from: C:\Program Files\Nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 380.02 seconds
Raw packets sent: 3059 (136.736KB) | Rcvd: 148 (9.758KB)
No hay comentarios.:
Publicar un comentario