Hi.
I'm not a real pro at this, it's just a pet project.

Anyway, I got a VPS with Debian 12 at OVH and pointed nmap at it:

sudo nmap -sV ************
[sudo] password for root:
Starting Nmap 7.92 ( https://nmap.org ) at 2024-04-24 16:14 IDT
Stats: 0:01:44 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 75.00% done; ETC: 16:16 (0:00:35 remaining)
Stats: 0:01:49 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 75.00% done; ETC: 16:16 (0:00:36 remaining)
Nmap scan report for **********
Host is up (0.020s latency).
Not shown: 996 closed tcp ports (reset)
PORT STATE SERVICE VERSION
21/tcp open tcpwrapped
22/tcp open tcpwrapped
1723/tcp open tcpwrapped
5060/tcp open sip?

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 151.22 seconds

sudo nmap ***********
[sudo] password for root:
Starting Nmap 7.92 ( https://nmap.org ) at 2024-04-24 16:20 IDT
Nmap scan report for **************
Host is up (0.0036s latency).
Not shown: 996 closed tcp ports (reset)
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
1723/tcp open pptp
5060/tcp open sip

Nmap done: 1 IP address (1 host up) scanned in 1.14 seconds

And this says that, besides ssh, ports 21 (ftp), 1723 (pptp) and 5060 (sip) are open.
Maybe so, but I can't find them on the server:

~> sudo lsof -i :21
~ [1]> sudo lsof -i :1723
~ [1]> sudo lsof -i :5060
~ [1]>
~ [1]> sudo netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 462/sshd: /usr/sbin
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 3322/systemd-resolv
tcp 0 0 127.0.0.54:53 0.0.0.0:* LISTEN 3322/systemd-resolv
tcp6 0 0 :::22 :::* LISTEN 462/sshd: /usr/sbin
udp 0 0 127.0.0.54:53 0.0.0.0:* 3322/systemd-resolv
udp 0 0 127.0.0.53:53 0.0.0.0:* 3322/systemd-resolv
udp 0 0 *.*.*.*:68 0.0.0.0:* 414/systemd-network
~ [1]>
~> sudo top -b -n=1
top - 13:38:02 up 1:35, 2 users, load average: 0.00, 0.00, 0.00
Tasks: 97 total, 1 running, 96 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.0 us, 33.3 sy, 0.0 ni, 66.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
MiB Mem : 7767.3 total, 7272.9 free, 360.0 used, 369.6 buff/cache
MiB Swap: 0.0 total, 0.0 free, 0.0 used. 7407.3 avail Mem

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1 root 20 0 168772 13520 9244 S 0.0 0.2 0:03.33 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
3 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 rcu_gp
4 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 rcu_par_gp
5 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 slub_flushwq
6 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 netns
8 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/0:0H-events_highpri
10 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 mm_percpu_wq
11 root 20 0 0 0 0 I 0.0 0.0 0:00.00 rcu_tasks_kthread
12 root 20 0 0 0 0 I 0.0 0.0 0:00.00 rcu_tasks_rude_kthread
13 root 20 0 0 0 0 I 0.0 0.0 0:00.00 rcu_tasks_trace_kthread
14 root 20 0 0 0 0 S 0.0 0.0 0:00.01 ksoftirqd/0
15 root 20 0 0 0 0 I 0.0 0.0 0:00.20 rcu_preempt
16 root rt 0 0 0 0 S 0.0 0.0 0:00.02 migration/0
18 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuhp/0
19 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuhp/1
20 root rt 0 0 0 0 S 0.0 0.0 0:00.21 migration/1
21 root 20 0 0 0 0 S 0.0 0.0 0:00.01 ksoftirqd/1
23 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/1:0H-events_highpri
24 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuhp/2
25 root rt 0 0 0 0 S 0.0 0.0 0:00.21 migration/2
26 root 20 0 0 0 0 S 0.0 0.0 0:00.01 ksoftirqd/2
28 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/2:0H-events_highpri
29 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuhp/3
30 root rt 0 0 0 0 S 0.0 0.0 0:00.21 migration/3
31 root 20 0 0 0 0 S 0.0 0.0 0:00.01 ksoftirqd/3
33 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/3:0H-events_highpri
38 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kdevtmpfs
39 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 inet_frag_wq
40 root 20 0 0 0 0 S 0.0 0.0 0:00.02 kauditd
41 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khungtaskd
42 root 20 0 0 0 0 S 0.0 0.0 0:00.00 oom_reaper
43 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 writeback
44 root 20 0 0 0 0 S 0.0 0.0 0:00.23 kcompactd0
45 root 25 5 0 0 0 S 0.0 0.0 0:00.00 ksmd
46 root 39 19 0 0 0 S 0.0 0.0 0:00.09 khugepaged
47 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kintegrityd
48 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kblockd
49 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 blkcg_punt_bio
50 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 tpm_dev_wq
51 root 0 -20 0 0 0 I 0.0 0.0 0:00.01 kworker/0:1H-kblockd
53 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kswapd0
58 root 20 0 0 0 0 I 0.0 0.0 0:00.09 kworker/1:1-mm_percpu_wq
60 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kthrotld
65 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 acpi_thermal_pm
66 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 nvme-wq
67 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 nvme-reset-wq
68 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 nvme-delete-wq
69 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 mld
70 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 ipv6_addrconf
75 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kstrp
79 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 kworker/u9:0
130 root 0 -20 0 0 0 I 0.0 0.0 0:00.07 kworker/3:1H-kblockd
131 root 0 -20 0 0 0 I 0.0 0.0 0:00.03 kworker/2:1H-kblockd
151 root 0 -20 0 0 0 I 0.0 0.0 0:00.04 kworker/1:1H-kblockd
152 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 ata_sff
153 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_0
154 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 scsi_tmf_0
155 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_1
156 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 scsi_tmf_1
158 root 20 0 0 0 0 S 0.0 0.0 0:00.00 scsi_eh_2
159 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 scsi_tmf_2
178 root 20 0 0 0 0 S 0.0 0.0 0:00.17 jbd2/sda1-8
179 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 ext4-rsv-conver
242 root 20 0 0 0 0 I 0.0 0.0 0:00.09 kworker/2:2-mm_percpu_wq
245 root 20 0 49360 13852 10672 S 0.0 0.2 0:00.90 systemd-journal
258 root 20 0 0 0 0 I 0.0 0.0 0:00.00 kworker/0:8-cgwb_release
273 root 20 0 23732 5940 4544 S 0.0 0.1 0:00.19 systemd-udevd
299 root 20 0 0 0 0 I 0.0 0.0 0:00.00 kworker/1:2-cgroup_destroy
308 root 0 -20 0 0 0 I 0.0 0.0 0:00.00 cryptd
367 systemd+ 20 0 90196 6940 6000 S 0.0 0.1 0:00.08 systemd-timesyn
414 systemd+ 20 0 18000 8616 7480 S 0.0 0.1 0:00.05 systemd-network
452 message+ 20 0 7996 4288 3712 S 0.0 0.1 0:00.58 dbus-daemon
454 root 20 0 80240 3952 3668 S 0.0 0.0 0:00.00 qemu-ga
456 root 20 0 16820 7880 6832 S 0.0 0.1 0:00.33 systemd-logind
459 root 20 0 2892 1044 956 S 0.0 0.0 0:00.02 agetty
460 root 20 0 2936 1056 968 S 0.0 0.0 0:00.00 agetty
461 root 20 0 28728 18772 10856 S 0.0 0.2 0:00.70 unattended-upgr
462 root 20 0 15412 9288 7956 S 0.0 0.1 0:00.35 sshd
480 slava 20 0 18724 10124 8676 S 0.0 0.1 0:00.05 systemd
481 slava 20 0 102612 2956 0 S 0.0 0.0 0:00.00 (sd-pam)
947 root 20 0 17388 10908 9328 S 0.0 0.1 0:00.06 sshd
958 slava 20 0 17648 6580 4732 S 0.0 0.1 0:00.38 sshd
959 slava 20 0 240260 10888 6032 S 0.0 0.1 0:01.35 fish
1351 root 20 0 4020 2496 2236 S 0.0 0.0 0:00.01 cron
2376 root 20 0 0 0 0 I 0.0 0.0 0:00.00 kworker/3:0-events
3014 root 20 0 0 0 0 I 0.0 0.0 0:00.07 kworker/3:2-events
3015 root 20 0 0 0 0 I 0.0 0.0 0:00.00 kworker/2:0
3158 root 20 0 0 0 0 I 0.0 0.0 0:00.04 kworker/u8:0-flush-8:0
3206 root 20 0 0 0 0 I 0.0 0.0 0:00.02 kworker/u8:3-flush-8:0
3322 systemd+ 20 0 20812 13044 10768 S 0.0 0.2 0:00.10 systemd-resolve
3323 root 20 0 0 0 0 I 0.0 0.0 0:00.01 kworker/0:0-events
3451 root 20 0 0 0 0 I 0.0 0.0 0:00.01 kworker/u8:2-events_unbound
3566 root 20 0 0 0 0 I 0.0 0.0 0:00.00 kworker/u8:1-events_unbound
3654 root 20 0 7096 4304 3896 S 0.0 0.1 0:00.00 sudo
3655 root 20 0 7096 456 0 S 0.0 0.0 0:00.00 sudo
3656 root 20 0 9040 5156 3108 R 0.0 0.1 0:00.01 top

~> sudo systemctl --type=service
UNIT LOAD ACTIVE SUB DESCRIPTION
apparmor.service loaded active exited Load AppArmor profiles
cloud-config.service loaded active exited Apply the settings specified in cloud-config
cloud-final.service loaded active exited Execute cloud user/final scripts
cloud-init-local.service loaded active exited Initial cloud-init job (pre-networking)
cloud-init.service loaded active exited Initial cloud-init job (metadata service crawler)
cron.service loaded active running Regular background program processing daemon
dbus.service loaded active running D-Bus System Message Bus
getty@tty1.service loaded active running Getty on tty1
kmod-static-nodes.service loaded active exited Create List of Static Device Nodes
qemu-guest-agent.service loaded active running QEMU Guest Agent
serial-getty@ttyS0.service loaded active running Serial Getty on ttyS0
ssh.service loaded active running OpenBSD Secure Shell server
systemd-binfmt.service loaded active exited Set Up Additional Binary Formats
systemd-growfs@-.service loaded active exited Grow File System on /
systemd-journal-flush.service loaded active exited Flush Journal to Persistent Storage
systemd-journald.service loaded active running Journal Service
systemd-logind.service loaded active running User Login Management
systemd-modules-load.service loaded active exited Load Kernel Modules
systemd-network-generator.service loaded active exited Generate network units from Kernel command line
systemd-networkd-wait-online.service loaded active exited Wait for Network to be Configured
systemd-networkd.service loaded active running Network Configuration
systemd-random-seed.service loaded active exited Load/Save Random Seed
systemd-remount-fs.service loaded active exited Remount Root and Kernel File Systems
systemd-resolved.service loaded active running Network Name Resolution
systemd-sysctl.service loaded active exited Apply Kernel Variables
systemd-sysusers.service loaded active exited Create System Users
systemd-timesyncd.service loaded active running Network Time Synchronization
systemd-tmpfiles-setup-dev.service loaded active exited Create Static Device Nodes in /dev
systemd-tmpfiles-setup.service loaded active exited Create Volatile Files and Directories
systemd-udev-trigger.service loaded active exited Coldplug All udev Devices
systemd-udevd.service loaded active running Rule-based Manager for Device Events and Files
systemd-update-utmp.service loaded active exited Record System Boot/Shutdown in UTMP
systemd-user-sessions.service loaded active exited Permit User Sessions
unattended-upgrades.service loaded active running Unattended Upgrades Shutdown
user-runtime-dir@1001.service loaded active exited User Runtime Directory /run/user/1001
user@1001.service loaded active running User Manager for UID 1001

LOAD = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB = The low-level unit activation state, values depend on unit type.
36 loaded units listed. Pass --all to see loaded but inactive units, too.
To show all installed unit files use 'systemctl list-unit-files'.

At the same time, on my home VM, where I tested deploying the project, nmap reports exactly what is expected:

sudo nmap -sV 192.168.122.10
[sudo] password for root:
Starting Nmap 7.92 ( https://nmap.org ) at 2024-04-24 16:41 IDT
Nmap scan report for storage.eventsjoin.local (192.168.122.10)
Host is up (0.000028s latency).
Not shown: 997 closed tcp ports (reset)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 9.2p1 Debian 2+deb12u2 (protocol 2.0)
80/tcp open http Golang net/http server (Go-IPFS json-rpc or InfluxDB API)
443/tcp open ssl/http Golang net/http server (Go-IPFS json-rpc or InfluxDB API)
MAC Address: 52:54:00:C6:72:2C (QEMU virtual NIC)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.76 seconds

So, as usual, there are two questions:

what the hell?
what do I do?

debian, nmap, ovh, paranoia
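
The cross-check the post performs by hand, as an added example that is not part of the original post: the script lists TCP ports that an nmap scan reports open but that have no non-loopback listener in `netstat -tulpn` output from the scanned host. The function names and the sample input (abridged from the output above, with the placeholder address 203.0.113.10) are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): list TCP ports that an external
# nmap scan reports "open" but that have no matching non-loopback listener in
# `netstat -tulpn` output taken on the scanned host.

# usage: unexplained_ports NMAP_OUTPUT_FILE NETSTAT_OUTPUT_FILE
unexplained_ports() {
    awk '
        # Pass 1 (src=listen): remember ports with a reachable TCP listener.
        src == "listen" && $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, part, ":")
            port = part[n]
            host = substr($4, 1, length($4) - length(port) - 1)
            # Loopback-only sockets cannot answer a scan from outside.
            if (host !~ /^127\./ && host != "::1") listening[port] = 1
            next
        }
        # Pass 2 (src=scan): nmap result lines look like "21/tcp open ftp".
        src == "scan" && $1 ~ /^[0-9]+\/tcp$/ && $2 == "open" {
            split($1, p, "/")
            if (!(p[1] in listening)) print p[1], ($3 == "" ? "unknown" : $3)
        }
    ' src=listen "$2" src=scan "$1"
}

# Constructed sample input, abridged from the output in the post
# (203.0.113.10 is a documentation placeholder address).
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/scan.txt" <<'EOF'
Nmap scan report for 203.0.113.10
PORT STATE SERVICE VERSION
21/tcp open tcpwrapped
22/tcp open tcpwrapped
1723/tcp open tcpwrapped
5060/tcp open sip?
EOF
    cat > "$dir/listen.txt" <<'EOF'
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 462/sshd: /usr/sbin
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 3322/systemd-resolv
tcp6 0 0 :::22 :::* LISTEN 462/sshd: /usr/sbin
udp 0 0 127.0.0.53:53 0.0.0.0:* 3322/systemd-resolv
EOF
    unexplained_ports "$dir/scan.txt" "$dir/listen.txt"
    rm -rf "$dir"
}

demo
```

Each output line is a port that answered the scan although netstat on the host shows no socket listening on it.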

Linux.org.ru: Forum – Security
