UD 1. TAREA 1: Parte 2. Namp y Vulnerabilidades NVD.

15/09/2016

Como prometí ayer esto acaba la tarea 1... Nmap.
Este es el resultado del nmapAbierto el puerto 80 

nmap -A oliva.es

Starting Nmap 7.01 ( https://nmap.org ) at 2016-09-15 14:07 CEST
Nmap scan report for Oliva.es (139.162.203.46)
Host is up (0.0048s latency).
rDNS record for 139.162.203.46: xarxa.disedit.com
Not shown: 991 closed ports
PORT     STATE    SERVICE        VERSION
7/tcp    filtered echo
53/tcp   filtered domain
80/tcp   open     http           Apache httpd 2.4.18 ((Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4)
|_http-generator: WPML ver:3.3.7 stt:2,8;
| http-robots.txt: 1 disallowed entry
|_/wp-admin/
|_http-server-header: Apache/2.4.18 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
| http-title: Ajuntament d'Oliva
|_Requested resource was http://oliva.es/
443/tcp  open     ssl/http       Apache httpd 2.4.18 ((Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4)
| http-methods:
|_  Potentially risky methods: TRACE
|_http-server-header: Apache/2.4.18 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4
|_http-title: Site doesn't have a title (text/html).
| ssl-cert: Subject: commonName=xarxa.disedit.com
| Not valid before: 2016-04-27T00:00:00
|_Not valid after:  2017-04-27T23:59:59
|_ssl-date: 2016-09-15T10:09:00+00:00; -1h58m44s from scanner time.
3000/tcp filtered ppp
8000/tcp filtered http-alt
8022/tcp filtered oa-system
8085/tcp filtered unknown
8888/tcp filtered sun-answerbook
Device type: WAP
Running (JUST GUESSING): Linksys embedded (98%)
OS CPE: cpe:/h:linksys:befw11s4
Aggressive OS guesses: Linksys BEFW11S4 WAP (98%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 1 hop

TRACEROUTE (using port 80/tcp)
HOP RTT     ADDRESS
1   0.26 ms xarxa.disedit.com (139.162.203.46)

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 42.34 seconds

Y el servidor de Euskalert.net

xxxxxxxxxxxxxxj:~# nmap -A www.euskalert.net

Starting Nmap 7.01 ( https://nmap.org ) at 2016-09-15 13:57 CEST

Nmap scan report for www.euskalert.net (193.146.78.12)

Host is up (0.00028s latency).

Not shown: 980 closed ports

PORT STATE SERVICE VERSION

7/tcp filtered echo

53/tcp filtered domain

80/tcp open tcpwrapped

81/tcp filtered hosts2-ns

90/tcp f iltered dnsix

1443/tcp filtered ies-lm

1935/tcp filtered rtmp

3000/tcp filtered ppp

5000/tcp filtered upnp

5222/tcp filtered xmpp-client

7777/tcp filtered cbt

8000/tcp filtered http-alt

8022/tcp filtered oa-system

8080/tcp filtered http-proxy

8081/tcp filtered blackice-icecap

8085/tcp filtered unknown

8443/tcp filtered https-alt

8888/tcp filtered sun-answerbook

9090/tcp filtered zeus-admin

20000/tcp filtered dnp

Device type: WAP|router|general purpose|load balancer|firewall

Running (JUST GUESSING): Linksys embedded (97%), Microsoft Windows 2003 (91%), Asus embedded (89%), Cisco embedded (89%), Cisco PIX OS 8.X|6.X (89%), Palo Alto embedded (89%)

OS CPE: cpe:/h:linksys:befw11s4 cpe:/h:linksys:befsr41 cpe:/o:microsoft:windows_server_2003::r2 cpe:/h:asus:rt-53n cpe:/o:cisco:pix_os:8.0 cpe:/h:paloalto:pa-500 cpe:/o:cisco:pix_os:6

Aggressive OS guesses: Linksys BEFW11S4 WAP (97%), Linksys BEFSR41 router (91%), Microsoft Windows Server 2003 R2 (91%), Asus RT-53N WAP (89%), Cisco ACE load balancer (89%), Cisco Adaptive Security Appliance 5510 or 5540 firewall (PIX OS 8.0) (89%), Palo Alto PA-500 firewall (89%), Linksys BEFSR41 EtherFast router (89%), Linksys BEFSR81 router (89%), Linksys BEFSR41 router or WRK54G WAP (89%)

No exact OS matches for host (test conditions non-ideal).

Network Distance: 1 hop

TRACEROUTE (using port 80/tcp)

HOP RTT ADDRESS

1 0.26 ms 193.146.78.12

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 31.41 seconds

Y aqui una lista de Vulnerabilidades.... de NVD