Analisis de seguridad

Mira a ver si te sirve esto:

http://security.symantec.com/sscv6/...;venid=sym

www.fermu.com



"Ixak" escribió en el mensaje
news:

Muy buenas,
Quisiera hacer un buen diagnóstico para saber si mi sistema está
seguro o no y a qué nivel!
¿Dónde o qué herramienta me podríais recomendar para esto?

He pasado el test del enlace de tu mensaje y este es le resultado.
Estoy seguro?

gracias de antemano



The Hacker Exposure Check tests whether ports commonly used by Internet
applications are open, closed, or stealth
Understanding your results: An open port responds to port probes and
acknowledges the port's availability. Open ports are dangerous because
they're an easy and attractive means of entry for hackers.

A closed port is visible but not open to attack. Although this is a
safe state, a hacker can use closed ports to detect the existence of your
computer and potentially target it for attack.

A stealth port is safest of all. Stealth means your computer doesn't
respond to port probes and you are virtually invisible to hackers scanning
the Internet for potential targets. Although this is a very safe result, a
stealth port may cause performance problems for some Internet applications.


Your Results:
Port Description Status

ICMP Ping Ping. Ping is a network troubleshooting utility. It asks
your computer to acknowledge its existence. If your computer responds
positively to a ping, hackers are more likely to target your computer.


21 FTP (File Transfer Protocol). FTP is used to transfer files between
your computer and other computers. Port 21 should be open only if you're
running an FTP server.


22 SSH. TCP connections to this port might indicate a search for SSH,
which has a few exploitable features. SSH is a secure replacement for
Telnet. The most common uses of SSH are to securely login and copy files
from a server.


23 Telnet. Telnet can be used to log into your computer from a
terminal anywhere in the world. This port should be open only if you're
running a Telnet server.


25 SMTP (Simple Mail Transfer Protocol). A protocol for host-to-host
mail transport. This port should be open only if you're running a mail
server.


79 Finger. Finger is an Internet utility that allows someone to obtain
information about you, including your full name, logon status, and other
profile information.


80 HTTP (Hypertext Transfer Protocol). HTTP is used to transfer Web
pages over the Internet. Port 80 should be open only if you're running a Web
server.


110 POP3 (Post Office Protocol). Internet mail servers and mail filter
applications use this port. This port should be open only if you're running
a mail server.


113 Ident / Authentication. This service is required by some mail,
news, or relay chat servers to allow access. A stealth result on this port
could cause performance problems.


119 NNTP (Network News Transfer Protocol). A service used by News
servers to distribute Usenet articles to newsreader applications and between
other servers.


135 Location service (loc-srv). This port is used to direct RPC
(Remote Procedure Calls) services to the appropriate dynamically mapped
ports. Hackers can use this to determine which port is used by several
Windows services. This port should not be visible from the Internet.


139 NetBIOS. NetBIOS is used for Windows File & Print sharing. If
port 139 is open, your computer is open to sharing files over the Internet.
Other components of NetBIOS can expose your computer name, workgroup, user
name, and other information. To learn more about preventing connections to
your NetBIOS ports, see: NetBIOS Information and Configuration Instructions


143 IMAP (Internet Message Access Protocol). IMAP is a sophisticated
protocol for electronic mail delivery. This port should be open only if
you're running an IMAP server.


443 HTTP over TLS/SSL. A protocol for providing secure HTTP
communication. It should be open only if you're running a Web server.


445 Windows NT / 2000 SMB. A standard used to exchange Server Message
Blocks, and can be exploited in multiple ways, including gaining your
passwords.


1080 SOCKS. This protocol allows computers access to the Internet
through a firewall. It is used when one IP address is shared among several
computers. Generally this protocol only allows access out to the Internet.
However, it is frequently configured incorrectly to allow hackers to pass
traffic inwards through the firewall.


1723 PPTP (Point-to-Point Tunneling Protocol). This service is used
for virtual private networking connections.


5000 UPnP (Universal Plug and Play). This service is used to
communicate with any UPnP devices attached to your network.


5631 pcAnywhere. This port is used by Symantec pcAnywhere when in host
mode.





"José Gallardo" escribió en el mensaje
news:

Mira a ver si te sirve esto:

http://security.symantec.com/sscv6/...;venid=sym

www.fermu.com



"Ixak" escribió en el mensaje
news:

Muy buenas,
Quisiera hacer un buen diagnóstico para saber si mi sistema está
seguro o no y a qué nivel!
¿Dónde o qué herramienta me podríais recomendar para esto?

begin 666 open-port.gif
M1TE&.#EA+@`H`+,/`/^&AO\9&6UM;49&1O].3A<7%_]U=?_,S/\T-/3N[HV-
MC;N[N____P```/\``/___R'Y! $```\`+ `````N`"@```3_\,E)J[V5X<WG
M`43@! 1P9%JG4H<A.G <&.?#I.MZ$''?$X=;+K?S&6$&X5!E.!H1"<!2=
M800&(E";8@"_8Q+LD'HQ/%G"ZD@>8H0SAEW6P@",M4Q^>=X,>'8]?!9T#D$W
M#$T]`805:3T(B6\^<8X39#X)>4þP]51ED(1ER?$XL^J3T&IQZ05PY KJ^Q
MLEVTH"Y',[BY$A\A(R6^O\;'R,G*R\S-SL\5"0(%!0()#PL#`@,-`PL2"=P%
M"A(*WMP#UT,"#0+L`[>P%$@/CW-\*#=7O2]WV&L0C]X#=@@4-"!88\&#?
MMP<`<R DZ'"BA(G[!(-"AA(@K4BPV;' PX<6$^P0H6$G.(T2&.1*TD\ N
M@<A]"D2J<PER13X%"^,5.$@M00)J"X#"XPE3(D=^WQ!RDT?QZ="1#WM*?#C0
0ICIP!Y&)A):-(#1C$0``.P``
`
end

begin 666 red_line.gif
M1TE&.#EAR $!`( ``/\`* ```"'Y! ``````+ ````#(`0$```(3A(^IR^T/
/HYRTVHNSWKS[#X99`0`[
`
end

begin 666 closed-port.gif
M1TE&.#EA+@`H`+,/`.SL[HV-C<+!PRTM+699B6]O;T9&1MO8X81YH).*K:FD
MMUE,@%-%>____P```/___R'Y! $```\`+ `````N`"@```3_\,E)J[VUX<WG
M40C!$(AR9%JG4H B,G!,*(#4I.MZ(''?(X=;+@?@^8Z,A'"H4B"/B(:"J3J\
MGK!HZ$3=.&,)I/([[6*,L T#C&$&<-F"!HO=V,AFU^.!#<)=PUH,'X6
M=0Q!-U(^!(@5AEF-<#YRD1-?/@`W?#YEF0]61TJ*!%RB#YLQ"ZPQH:I%6#\U
MJAZ34*FW$BV*(S2\%Q\A(R6[PLG*R\S-SLL&!;S1.0X&O-;5U[?9%0`%#@X%
MMMT*`PX#9>;H90`&Z $3`>'SVQ3@!?42V0?PYP<`_ VH,6! @'=3YAD\9V]"
MMP#Q'F2;)^"!``<!+DH#4.-BQ((/@LZ1:[QQ>.V>PAD(#[QQ(M-=M
3UU+#D'/<5!A#A3I3=Q$@1PR0;N1#]I7.8%4&#R@:US1BN\FXJN
M1C:-`MX)N&A `+@``=-1E3::-G\.J%CT`;APTNR&*[=WKM68!4G:I'L!
3@ !;O0ZS&%OA`.%GD",GBP``.P``
`
end

begin 666 stealth-port.gif
M1TE&.#EA+@`H`+,/`$A(2%F_6=KHVGS-?"$A(:&AH7!P<)_:G^OQZ[GDN;N[
MNXB(B$:X1O___P```/___R'Y! $```\`+ `````N`"@```3_\,E)J[VUX<VG
M.$/ !,,A9%,G <'(C4I.LJ#''?#X);+H?@^8Z,@W"H.B"/@Q93)7@]
M88-&Z#3=.&-&7_9[Z&["(X0UV1" (]%XT1N]`/QR#-P&=V@,>Q9R#$$W
M#5\RA!6"#%DW;F*-%(L]"#=(994255!U?5R=#Y<QIC"<I ]%5S\UJYZ/8J.Q
MK"Y(,["V%!\A(R6UO,/$Q<;'R(0("L(J"@`%$@H*TM Y"@X+4]C:#PX`TMG7
MXDS<$M_AW18+!-_,[03@#P7M`+ *\-WF``[QTPX&#/2C%@X`.P//^H$K\(<"&K:CML_!-P'8``J4]V"!@VA<A<P]`/!PWL<'!,V)1(<2H 1^'BP2B-:R
MFT**EMI3R1,#T8J%?S'($%2!<PZV? 8T]R+($ZZ,6*W[]N!$JR&NG@
MA$JH/\D%[(<9OT3PB)"F G])V3VT28"9U`@)^%K4A:#?UKD67^/("%FOQ
6ZLNIO0A*6*9XVJYE'1PGFTRY6 0`.P``
`
end

Me has pegado la web en HTML y yo la leo en texto plano así que no sé en
qué estado están los puertos. Si quieres hacer un escaneo de puerto,
hazle este:

http://www.upseros.com/portscan.php

www.fermu.com



"pedro segundo" escribió en el mensaje
news:

He pasado el test del enlace de tu mensaje y este es le resultado.
Estoy seguro?

gracias de antemano



The Hacker Exposure Check tests whether ports commonly used by
Internet applications are open, closed, or stealth
Understanding your results: An open port responds to port probes and
acknowledges the port's availability. Open ports are dangerous because
they're an easy and attractive means of entry for hackers.

A closed port is visible but not open to attack. Although this is
a safe state, a hacker can use closed ports to detect the existence of
your computer and potentially target it for attack.

A stealth port is safest of all. Stealth means your computer
doesn't respond to port probes and you are virtually invisible to
hackers scanning the Internet for potential targets. Although this is
a very safe result, a stealth port may cause performance problems for
some Internet applications.


Your Results:
Port Description Status

ICMP Ping Ping. Ping is a network troubleshooting utility. It
asks your computer to acknowledge its existence. If your computer
responds positively to a ping, hackers are more likely to target your
computer.


21 FTP (File Transfer Protocol). FTP is used to transfer files
between your computer and other computers. Port 21 should be open only
if you're running an FTP server.


22 SSH. TCP connections to this port might indicate a search for
SSH, which has a few exploitable features. SSH is a secure replacement
for Telnet. The most common uses of SSH are to securely login and copy
files from a server.


23 Telnet. Telnet can be used to log into your computer from a
terminal anywhere in the world. This port should be open only if
you're running a Telnet server.


25 SMTP (Simple Mail Transfer Protocol). A protocol for
host-to-host mail transport. This port should be open only if you're
running a mail server.


79 Finger. Finger is an Internet utility that allows someone to
obtain information about you, including your full name, logon status,
and other profile information.


80 HTTP (Hypertext Transfer Protocol). HTTP is used to transfer
Web pages over the Internet. Port 80 should be open only if you're
running a Web server.


110 POP3 (Post Office Protocol). Internet mail servers and mail
filter applications use this port. This port should be open only if
you're running a mail server.


113 Ident / Authentication. This service is required by some
mail, news, or relay chat servers to allow access. A stealth result on
this port could cause performance problems.


119 NNTP (Network News Transfer Protocol). A service used by News
servers to distribute Usenet articles to newsreader applications and
between other servers.


135 Location service (loc-srv). This port is used to direct RPC
(Remote Procedure Calls) services to the appropriate dynamically
mapped ports. Hackers can use this to determine which port is used by
several Windows services. This port should not be visible from the
Internet.


139 NetBIOS. NetBIOS is used for Windows File & Print sharing.
If port 139 is open, your computer is open to sharing files over the
Internet. Other components of NetBIOS can expose your computer name,
workgroup, user name, and other information. To learn more about
preventing connections to your NetBIOS ports, see: NetBIOS Information
and Configuration Instructions


143 IMAP (Internet Message Access Protocol). IMAP is a
sophisticated protocol for electronic mail delivery. This port should
be open only if you're running an IMAP server.


443 HTTP over TLS/SSL. A protocol for providing secure HTTP
communication. It should be open only if you're running a Web server.


445 Windows NT / 2000 SMB. A standard used to exchange Server
Message Blocks, and can be exploited in multiple ways, including
gaining your passwords.


1080 SOCKS. This protocol allows computers access to the Internet
through a firewall. It is used when one IP address is shared among
several computers. Generally this protocol only allows access out to
the Internet. However, it is frequently configured incorrectly to
allow hackers to pass traffic inwards through the firewall.


1723 PPTP (Point-to-Point Tunneling Protocol). This service is
used for virtual private networking connections.


5000 UPnP (Universal Plug and Play). This service is used to
communicate with any UPnP devices attached to your network.


5631 pcAnywhere. This port is used by Symantec pcAnywhere when in
host mode.





"José Gallardo" escribió en el mensaje
news:

Mira a ver si te sirve esto:

http://security.symantec.com/sscv6/...;venid=sym

www.fermu.com



"Ixak" escribió en el mensaje
news:

Muy buenas,
Quisiera hacer un buen diagnóstico para saber si mi sistema está
seguro o no y a qué nivel!
¿Dónde o qué herramienta me podríais recomendar para esto?

www.grc.com

saludos

Nunca sobran las segundas opiniones,

Trata estos links:
Para escanear los puertos
http://grc.com/default.htm ; (clics en ShieldsUP! > Proceed > Common
Ports, o All Service Ports)

Para escanear los puertos
http://scan.sygatetech.com/quickscan.html

To scan the ports, and to check the speed
http://www.upseros.com/portscan.php

To look for open ports!
http://www.hackercheck.com/?mode=c

Buena suerte

Engel

"Ixak" wrote:

Muy buenas,
Quisiera hacer un buen diagnóstico para saber si mi sistema está seguro o no
y a qué nivel!
¿Dónde o qué herramienta me podríais recomendar para esto?