Forums Últimos mensajes - Powered by IBM
 
Tags Palabras claves

Analisis de seguridad

07/01/2006 - 09:29 por Ixak | Informe spam
Ayuda Hacer una pregunta
Muy buenas,
Quisiera hacer un buen diagnóstico para saber si mi sistema está seguro o no
y a qué nivel!
¿Dónde o qué herramienta me podríais recomendar para esto?
email Siga el debateRespuesta 10 respuestasRespuesta Tengo una respuesta

Preguntas similare

Mostrar todos los temas similares

Leer las respuestas

#6 pedro segundo
07/01/2006 - 23:13 | Informe spam
Tras pasar el test de UPSEROS, sólo aparece abierto el puerto 23, el resto
están cerrados o invisibles, esto es lo que dice:





Hemos detectado que tu conexión web a Internet es directa y sin ningún
proxy-caché delante



Puerto 23 Telnet ABIERTO

Telnet proporciona una ventana de comandos para el control remoto de un
sistema. Cualquier sistema que aparente tener una conexión Telnet atraerá
sin duda la atención de cualquier intruso.



Hemos detectado que tienes puertos abiertos y accesibles desde el exterior.
Revisa el análisis y asegúrate de que sus implicaciones no pongan en riesgo
la seguridad de tu equipo.







Gracias otra vez



"José Gallardo" escribió en el mensaje
news:
Me has pegado la web en HTML y yo la leo en texto plano así que no sé en
qué estado están los puertos. Si quieres hacer un escaneo de puerto, hazle
este:

http://www.upseros.com/portscan.php

www.fermu.com



"pedro segundo" escribió en el mensaje
news:
He pasado el test del enlace de tu mensaje y este es le resultado.
Estoy seguro?

gracias de antemano



The Hacker Exposure Check tests whether ports commonly used by Internet
applications are open, closed, or stealth
Understanding your results: An open port responds to port probes and
acknowledges the port's availability. Open ports are dangerous because
they're an easy and attractive means of entry for hackers.

A closed port is visible but not open to attack. Although this is a
safe state, a hacker can use closed ports to detect the existence of your
computer and potentially target it for attack.

A stealth port is safest of all. Stealth means your computer doesn't
respond to port probes and you are virtually invisible to hackers
scanning the Internet for potential targets. Although this is a very safe
result, a stealth port may cause performance problems for some Internet
applications.


Your Results:
Port Description Status

ICMP Ping Ping. Ping is a network troubleshooting utility. It asks
your computer to acknowledge its existence. If your computer responds
positively to a ping, hackers are more likely to target your computer.


21 FTP (File Transfer Protocol). FTP is used to transfer files
between your computer and other computers. Port 21 should be open only if
you're running an FTP server.


22 SSH. TCP connections to this port might indicate a search for
SSH, which has a few exploitable features. SSH is a secure replacement
for Telnet. The most common uses of SSH are to securely login and copy
files from a server.


23 Telnet. Telnet can be used to log into your computer from a
terminal anywhere in the world. This port should be open only if you're
running a Telnet server.


25 SMTP (Simple Mail Transfer Protocol). A protocol for host-to-host
mail transport. This port should be open only if you're running a mail
server.


79 Finger. Finger is an Internet utility that allows someone to
obtain information about you, including your full name, logon status, and
other profile information.


80 HTTP (Hypertext Transfer Protocol). HTTP is used to transfer Web
pages over the Internet. Port 80 should be open only if you're running a
Web server.


110 POP3 (Post Office Protocol). Internet mail servers and mail
filter applications use this port. This port should be open only if
you're running a mail server.


113 Ident / Authentication. This service is required by some mail,
news, or relay chat servers to allow access. A stealth result on this
port could cause performance problems.


119 NNTP (Network News Transfer Protocol). A service used by News
servers to distribute Usenet articles to newsreader applications and
between other servers.


135 Location service (loc-srv). This port is used to direct RPC
(Remote Procedure Calls) services to the appropriate dynamically mapped
ports. Hackers can use this to determine which port is used by several
Windows services. This port should not be visible from the Internet.


139 NetBIOS. NetBIOS is used for Windows File & Print sharing. If
port 139 is open, your computer is open to sharing files over the
Internet. Other components of NetBIOS can expose your computer name,
workgroup, user name, and other information. To learn more about
preventing connections to your NetBIOS ports, see: NetBIOS Information
and Configuration Instructions


143 IMAP (Internet Message Access Protocol). IMAP is a sophisticated
protocol for electronic mail delivery. This port should be open only if
you're running an IMAP server.


443 HTTP over TLS/SSL. A protocol for providing secure HTTP
communication. It should be open only if you're running a Web server.


445 Windows NT / 2000 SMB. A standard used to exchange Server
Message Blocks, and can be exploited in multiple ways, including gaining
your passwords.


1080 SOCKS. This protocol allows computers access to the Internet
through a firewall. It is used when one IP address is shared among
several computers. Generally this protocol only allows access out to the
Internet. However, it is frequently configured incorrectly to allow
hackers to pass traffic inwards through the firewall.


1723 PPTP (Point-to-Point Tunneling Protocol). This service is used
for virtual private networking connections.


5000 UPnP (Universal Plug and Play). This service is used to
communicate with any UPnP devices attached to your network.


5631 pcAnywhere. This port is used by Symantec pcAnywhere when in
host mode.





"José Gallardo" escribió en el mensaje
news:
Mira a ver si te sirve esto:

http://security.symantec.com/sscv6/...;venid=sym

www.fermu.com



"Ixak" escribió en el mensaje
news:
Muy buenas,
Quisiera hacer un buen diagnóstico para saber si mi sistema está
seguro o no y a qué nivel!
¿Dónde o qué herramienta me podríais recomendar para esto?














Respuesta Responder a este mensaje
#7 José Gallardo
08/01/2006 - 10:07 | Informe spam
En una navegación normal y si no se tiene nada instalado, quiero decir
para un usuario normal deben salir todos "invisibles". A mí me salen
todos así. ¿Qué firewall usas?

www.fermu.com



"pedro segundo" escribió en el mensaje
news:
Tras pasar el test de UPSEROS, sólo aparece abierto el puerto 23, el
resto están cerrados o invisibles, esto es lo que dice:





Hemos detectado que tu conexión web a Internet es directa y sin ningún
proxy-caché delante



Puerto 23 Telnet ABIERTO

Telnet proporciona una ventana de comandos para el control remoto de
un sistema. Cualquier sistema que aparente tener una conexión Telnet
atraerá sin duda la atención de cualquier intruso.



Hemos detectado que tienes puertos abiertos y accesibles desde el
exterior. Revisa el análisis y asegúrate de que sus implicaciones no
pongan en riesgo la seguridad de tu equipo.







Gracias otra vez



"José Gallardo" escribió en el mensaje
news:
Me has pegado la web en HTML y yo la leo en texto plano así que no sé
en qué estado están los puertos. Si quieres hacer un escaneo de
puerto, hazle este:

http://www.upseros.com/portscan.php

www.fermu.com



"pedro segundo" escribió en el mensaje
news:
He pasado el test del enlace de tu mensaje y este es le resultado.
Estoy seguro?

gracias de antemano



The Hacker Exposure Check tests whether ports commonly used by
Internet applications are open, closed, or stealth
Understanding your results: An open port responds to port probes
and acknowledges the port's availability. Open ports are dangerous
because they're an easy and attractive means of entry for hackers.

A closed port is visible but not open to attack. Although this
is a safe state, a hacker can use closed ports to detect the
existence of your computer and potentially target it for attack.

A stealth port is safest of all. Stealth means your computer
doesn't respond to port probes and you are virtually invisible to
hackers scanning the Internet for potential targets. Although this
is a very safe result, a stealth port may cause performance problems
for some Internet applications.


Your Results:
Port Description Status

ICMP Ping Ping. Ping is a network troubleshooting utility. It
asks your computer to acknowledge its existence. If your computer
responds positively to a ping, hackers are more likely to target
your computer.


21 FTP (File Transfer Protocol). FTP is used to transfer files
between your computer and other computers. Port 21 should be open
only if you're running an FTP server.


22 SSH. TCP connections to this port might indicate a search
for SSH, which has a few exploitable features. SSH is a secure
replacement for Telnet. The most common uses of SSH are to securely
login and copy files from a server.


23 Telnet. Telnet can be used to log into your computer from a
terminal anywhere in the world. This port should be open only if
you're running a Telnet server.


25 SMTP (Simple Mail Transfer Protocol). A protocol for
host-to-host mail transport. This port should be open only if you're
running a mail server.


79 Finger. Finger is an Internet utility that allows someone to
obtain information about you, including your full name, logon
status, and other profile information.


80 HTTP (Hypertext Transfer Protocol). HTTP is used to transfer
Web pages over the Internet. Port 80 should be open only if you're
running a Web server.


110 POP3 (Post Office Protocol). Internet mail servers and mail
filter applications use this port. This port should be open only if
you're running a mail server.


113 Ident / Authentication. This service is required by some
mail, news, or relay chat servers to allow access. A stealth result
on this port could cause performance problems.


119 NNTP (Network News Transfer Protocol). A service used by
News servers to distribute Usenet articles to newsreader
applications and between other servers.


135 Location service (loc-srv). This port is used to direct RPC
(Remote Procedure Calls) services to the appropriate dynamically
mapped ports. Hackers can use this to determine which port is used
by several Windows services. This port should not be visible from
the Internet.


139 NetBIOS. NetBIOS is used for Windows File & Print sharing.
If port 139 is open, your computer is open to sharing files over the
Internet. Other components of NetBIOS can expose your computer name,
workgroup, user name, and other information. To learn more about
preventing connections to your NetBIOS ports, see: NetBIOS
Information and Configuration Instructions


143 IMAP (Internet Message Access Protocol). IMAP is a
sophisticated protocol for electronic mail delivery. This port
should be open only if you're running an IMAP server.


443 HTTP over TLS/SSL. A protocol for providing secure HTTP
communication. It should be open only if you're running a Web
server.


445 Windows NT / 2000 SMB. A standard used to exchange Server
Message Blocks, and can be exploited in multiple ways, including
gaining your passwords.


1080 SOCKS. This protocol allows computers access to the
Internet through a firewall. It is used when one IP address is
shared among several computers. Generally this protocol only allows
access out to the Internet. However, it is frequently configured
incorrectly to allow hackers to pass traffic inwards through the
firewall.


1723 PPTP (Point-to-Point Tunneling Protocol). This service is
used for virtual private networking connections.


5000 UPnP (Universal Plug and Play). This service is used to
communicate with any UPnP devices attached to your network.


5631 pcAnywhere. This port is used by Symantec pcAnywhere when
in host mode.





"José Gallardo" escribió en el mensaje
news:
Mira a ver si te sirve esto:

http://security.symantec.com/sscv6/...;venid=sym

www.fermu.com



"Ixak" escribió en el mensaje
news:
Muy buenas,
Quisiera hacer un buen diagnóstico para saber si mi sistema está
seguro o no y a qué nivel!
¿Dónde o qué herramienta me podríais recomendar para esto?


















Respuesta Responder a este mensaje
#8 pedro segundo
08/01/2006 - 20:18 | Informe spam
Firewal Windows XP SP2

Antivirus McAfee

Antispyware Microsoft beta1 1.0.701



Router 3com 812 multipuesto







"José Gallardo" escribió en el mensaje
news:
En una navegación normal y si no se tiene nada instalado, quiero decir
para un usuario normal deben salir todos "invisibles". A mí me salen todos
así. ¿Qué firewall usas?

www.fermu.com



"pedro segundo" escribió en el mensaje
news:
Tras pasar el test de UPSEROS, sólo aparece abierto el puerto 23, el
resto están cerrados o invisibles, esto es lo que dice:





Hemos detectado que tu conexión web a Internet es directa y sin ningún
proxy-caché delante



Puerto 23 Telnet ABIERTO

Telnet proporciona una ventana de comandos para el control remoto de un
sistema. Cualquier sistema que aparente tener una conexión Telnet atraerá
sin duda la atención de cualquier intruso.



Hemos detectado que tienes puertos abiertos y accesibles desde el
exterior. Revisa el análisis y asegúrate de que sus implicaciones no
pongan en riesgo la seguridad de tu equipo.







Gracias otra vez



"José Gallardo" escribió en el mensaje
news:
Me has pegado la web en HTML y yo la leo en texto plano así que no sé en
qué estado están los puertos. Si quieres hacer un escaneo de puerto,
hazle este:

http://www.upseros.com/portscan.php

www.fermu.com



"pedro segundo" escribió en el mensaje
news:
He pasado el test del enlace de tu mensaje y este es le resultado.
Estoy seguro?

gracias de antemano



The Hacker Exposure Check tests whether ports commonly used by Internet
applications are open, closed, or stealth
Understanding your results: An open port responds to port probes and
acknowledges the port's availability. Open ports are dangerous because
they're an easy and attractive means of entry for hackers.

A closed port is visible but not open to attack. Although this is a
safe state, a hacker can use closed ports to detect the existence of
your computer and potentially target it for attack.

A stealth port is safest of all. Stealth means your computer
doesn't respond to port probes and you are virtually invisible to
hackers scanning the Internet for potential targets. Although this is a
very safe result, a stealth port may cause performance problems for
some Internet applications.


Your Results:
Port Description Status

ICMP Ping Ping. Ping is a network troubleshooting utility. It asks
your computer to acknowledge its existence. If your computer responds
positively to a ping, hackers are more likely to target your computer.


21 FTP (File Transfer Protocol). FTP is used to transfer files
between your computer and other computers. Port 21 should be open only
if you're running an FTP server.


22 SSH. TCP connections to this port might indicate a search for
SSH, which has a few exploitable features. SSH is a secure replacement
for Telnet. The most common uses of SSH are to securely login and copy
files from a server.


23 Telnet. Telnet can be used to log into your computer from a
terminal anywhere in the world. This port should be open only if you're
running a Telnet server.


25 SMTP (Simple Mail Transfer Protocol). A protocol for
host-to-host mail transport. This port should be open only if you're
running a mail server.


79 Finger. Finger is an Internet utility that allows someone to
obtain information about you, including your full name, logon status,
and other profile information.


80 HTTP (Hypertext Transfer Protocol). HTTP is used to transfer
Web pages over the Internet. Port 80 should be open only if you're
running a Web server.


110 POP3 (Post Office Protocol). Internet mail servers and mail
filter applications use this port. This port should be open only if
you're running a mail server.


113 Ident / Authentication. This service is required by some mail,
news, or relay chat servers to allow access. A stealth result on this
port could cause performance problems.


119 NNTP (Network News Transfer Protocol). A service used by News
servers to distribute Usenet articles to newsreader applications and
between other servers.


135 Location service (loc-srv). This port is used to direct RPC
(Remote Procedure Calls) services to the appropriate dynamically mapped
ports. Hackers can use this to determine which port is used by several
Windows services. This port should not be visible from the Internet.


139 NetBIOS. NetBIOS is used for Windows File & Print sharing. If
port 139 is open, your computer is open to sharing files over the
Internet. Other components of NetBIOS can expose your computer name,
workgroup, user name, and other information. To learn more about
preventing connections to your NetBIOS ports, see: NetBIOS Information
and Configuration Instructions


143 IMAP (Internet Message Access Protocol). IMAP is a
sophisticated protocol for electronic mail delivery. This port should
be open only if you're running an IMAP server.


443 HTTP over TLS/SSL. A protocol for providing secure HTTP
communication. It should be open only if you're running a Web server.


445 Windows NT / 2000 SMB. A standard used to exchange Server
Message Blocks, and can be exploited in multiple ways, including
gaining your passwords.


1080 SOCKS. This protocol allows computers access to the Internet
through a firewall. It is used when one IP address is shared among
several computers. Generally this protocol only allows access out to
the Internet. However, it is frequently configured incorrectly to allow
hackers to pass traffic inwards through the firewall.


1723 PPTP (Point-to-Point Tunneling Protocol). This service is
used for virtual private networking connections.


5000 UPnP (Universal Plug and Play). This service is used to
communicate with any UPnP devices attached to your network.


5631 pcAnywhere. This port is used by Symantec pcAnywhere when in
host mode.





"José Gallardo" escribió en el mensaje
news:
Mira a ver si te sirve esto:

http://security.symantec.com/sscv6/...;venid=sym

www.fermu.com



"Ixak" escribió en el mensaje
news:
Muy buenas,
Quisiera hacer un buen diagnóstico para saber si mi sistema está
seguro o no y a qué nivel!
¿Dónde o qué herramienta me podríais recomendar para esto?






















Respuesta Responder a este mensaje
#9 José Gallardo
09/01/2006 - 13:29 | Informe spam
Mira en las excepciones del firewall a ver qué te está abriendo el
puerto 23

¿Problemas con Windows Update?
http://tinyurl.com/9nud8
Windows Update issues?
http://tinyurl.com/dyb6k




"pedro segundo" escribió en el mensaje
news:e%
Firewal Windows XP SP2

Antivirus McAfee

Antispyware Microsoft beta1 1.0.701



Router 3com 812 multipuesto







"José Gallardo" escribió en el mensaje
news:
En una navegación normal y si no se tiene nada instalado, quiero
decir para un usuario normal deben salir todos "invisibles". A mí me
salen todos así. ¿Qué firewall usas?

www.fermu.com



"pedro segundo" escribió en el mensaje
news:
Tras pasar el test de UPSEROS, sólo aparece abierto el puerto 23, el
resto están cerrados o invisibles, esto es lo que dice:





Hemos detectado que tu conexión web a Internet es directa y sin
ningún proxy-caché delante



Puerto 23 Telnet ABIERTO

Telnet proporciona una ventana de comandos para el control remoto de
un sistema. Cualquier sistema que aparente tener una conexión Telnet
atraerá sin duda la atención de cualquier intruso.



Hemos detectado que tienes puertos abiertos y accesibles desde el
exterior. Revisa el análisis y asegúrate de que sus implicaciones no
pongan en riesgo la seguridad de tu equipo.







Gracias otra vez



"José Gallardo" escribió en el mensaje
news:
Me has pegado la web en HTML y yo la leo en texto plano así que no
sé en qué estado están los puertos. Si quieres hacer un escaneo de
puerto, hazle este:

http://www.upseros.com/portscan.php

www.fermu.com



"pedro segundo" escribió en el mensaje
news:
He pasado el test del enlace de tu mensaje y este es le resultado.
Estoy seguro?

gracias de antemano



The Hacker Exposure Check tests whether ports commonly used by
Internet applications are open, closed, or stealth
Understanding your results: An open port responds to port probes
and acknowledges the port's availability. Open ports are dangerous
because they're an easy and attractive means of entry for hackers.

A closed port is visible but not open to attack. Although this
is a safe state, a hacker can use closed ports to detect the
existence of your computer and potentially target it for attack.

A stealth port is safest of all. Stealth means your computer
doesn't respond to port probes and you are virtually invisible to
hackers scanning the Internet for potential targets. Although this
is a very safe result, a stealth port may cause performance
problems for some Internet applications.


Your Results:
Port Description Status

ICMP Ping Ping. Ping is a network troubleshooting utility. It
asks your computer to acknowledge its existence. If your computer
responds positively to a ping, hackers are more likely to target
your computer.


21 FTP (File Transfer Protocol). FTP is used to transfer
files between your computer and other computers. Port 21 should be
open only if you're running an FTP server.


22 SSH. TCP connections to this port might indicate a search
for SSH, which has a few exploitable features. SSH is a secure
replacement for Telnet. The most common uses of SSH are to
securely login and copy files from a server.


23 Telnet. Telnet can be used to log into your computer from
a terminal anywhere in the world. This port should be open only if
you're running a Telnet server.


25 SMTP (Simple Mail Transfer Protocol). A protocol for
host-to-host mail transport. This port should be open only if
you're running a mail server.


79 Finger. Finger is an Internet utility that allows someone
to obtain information about you, including your full name, logon
status, and other profile information.


80 HTTP (Hypertext Transfer Protocol). HTTP is used to
transfer Web pages over the Internet. Port 80 should be open only
if you're running a Web server.


110 POP3 (Post Office Protocol). Internet mail servers and
mail filter applications use this port. This port should be open
only if you're running a mail server.


113 Ident / Authentication. This service is required by some
mail, news, or relay chat servers to allow access. A stealth
result on this port could cause performance problems.


119 NNTP (Network News Transfer Protocol). A service used by
News servers to distribute Usenet articles to newsreader
applications and between other servers.


135 Location service (loc-srv). This port is used to direct
RPC (Remote Procedure Calls) services to the appropriate
dynamically mapped ports. Hackers can use this to determine which
port is used by several Windows services. This port should not be
visible from the Internet.


139 NetBIOS. NetBIOS is used for Windows File & Print
sharing. If port 139 is open, your computer is open to sharing
files over the Internet. Other components of NetBIOS can expose
your computer name, workgroup, user name, and other information.
To learn more about preventing connections to your NetBIOS ports,
see: NetBIOS Information and Configuration Instructions


143 IMAP (Internet Message Access Protocol). IMAP is a
sophisticated protocol for electronic mail delivery. This port
should be open only if you're running an IMAP server.


443 HTTP over TLS/SSL. A protocol for providing secure HTTP
communication. It should be open only if you're running a Web
server.


445 Windows NT / 2000 SMB. A standard used to exchange Server
Message Blocks, and can be exploited in multiple ways, including
gaining your passwords.


1080 SOCKS. This protocol allows computers access to the
Internet through a firewall. It is used when one IP address is
shared among several computers. Generally this protocol only
allows access out to the Internet. However, it is frequently
configured incorrectly to allow hackers to pass traffic inwards
through the firewall.


1723 PPTP (Point-to-Point Tunneling Protocol). This service
is used for virtual private networking connections.


5000 UPnP (Universal Plug and Play). This service is used to
communicate with any UPnP devices attached to your network.


5631 pcAnywhere. This port is used by Symantec pcAnywhere
when in host mode.





"José Gallardo" escribió en el mensaje
news:
Mira a ver si te sirve esto:

http://security.symantec.com/sscv6/...;venid=sym

www.fermu.com



"Ixak" escribió en el mensaje
news:
Muy buenas,
Quisiera hacer un buen diagnóstico para saber si mi sistema está
seguro o no y a qué nivel!
¿Dónde o qué herramienta me podríais recomendar para esto?


























Respuesta Responder a este mensaje
#10 chakal
09/01/2006 - 16:30 | Informe spam
El puerto 23 (telnet) supuestamente sera el telnetd del router 3com812 xD
... lo puedes cerrar desde el terminal serie con "disable network service
telnetd", o si lo prefieres, filtra las entradas procedentes de internet al
puerto 23/tcp ...

salu2

"Engel" escribió en el mensaje
news:
Nunca sobran las segundas opiniones,

Trata estos links:
Para escanear los puertos
http://grc.com/default.htm ; (clics en ShieldsUP! > Proceed > Common
Ports, o All Service Ports)

Para escanear los puertos
http://scan.sygatetech.com/quickscan.html

To scan the ports, and to check the speed
http://www.upseros.com/portscan.php

To look for open ports!
http://www.hackercheck.com/?mode=c

Buena suerte

Engel

"Ixak" wrote:

Muy buenas,
Quisiera hacer un buen diagnóstico para saber si mi sistema está seguro o
no
y a qué nivel!
¿Dónde o qué herramienta me podríais recomendar para esto?



email Siga el debate Respuesta Responder a este mensaje
Ads by Google
Help Hacer una pregunta AnteriorRespuesta Tengo una respuesta
Search Busqueda sugerida