Добрый день. есть ОС 2008 R2 SP1. имеет белый IP.
Запустил удалённо виндовый nmap +TCP ports, и вот что получил:
Что можете сказать про безопасность? Какие риски есть?
больше всего волнуют 80, 445, 6006 и 46354 порты.
Имеет смысл сделать скан с UDP портами?
Спасибо.
Запустил удалённо виндовый nmap +TCP ports, и вот что получил:
Код |
---|
Starting Nmap 5.51 ( http://nmap.org ) at 2011-09-15 10:57 W. Europe Daylight Time NSE: Loaded 57 scripts for scanning. Initiating Ping Scan at 10:57 Scanning XXX.YYY.ZZZ.AAA [4 ports] Completed Ping Scan at 10:57, 0.12s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 10:57 Completed Parallel DNS resolution of 1 host. at 10:57, 0.00s elapsed Initiating SYN Stealth Scan at 10:57 Scanning server.domain.tld (XXX.YYY.ZZZ.AAA) [65535 ports] Discovered open port 993/tcp on XXX.YYY.ZZZ.AAA Discovered open port 25/tcp on XXX.YYY.ZZZ.AAA Discovered open port 110/tcp on XXX.YYY.ZZZ.AAA Discovered open port 80/tcp on XXX.YYY.ZZZ.AAA Discovered open port 143/tcp on XXX.YYY.ZZZ.AAA Discovered open port 445/tcp on XXX.YYY.ZZZ.AAA Discovered open port 995/tcp on XXX.YYY.ZZZ.AAA Discovered open port 443/tcp on XXX.YYY.ZZZ.AAA Discovered open port 808/tcp on XXX.YYY.ZZZ.AAA SYN Stealth Scan Timing: About 7.93% done; ETC: 11:04 (0:06:00 remaining) Discovered open port 6006/tcp on XXX.YYY.ZZZ.AAA Discovered open port 46354/tcp on XXX.YYY.ZZZ.AAA Completed SYN Stealth Scan at 11:00, 158.07s elapsed (65535 total ports) Initiating Service scan at 11:00 Scanning 11 services on server.domain.tld (XXX.YYY.ZZZ.AAA) Completed Service scan at 11:00, 49.31s elapsed (11 services on 1 host) Initiating OS detection (try #1) against server.domain.tld (XXX.YYY.ZZZ.AAA) Retrying OS detection (try #2) against server.domain.tld (XXX.YYY.ZZZ.AAA) Initiating Traceroute at 11:01 Completed Traceroute at 11:01, 0.01s elapsed NSE: Script scanning XXX.YYY.ZZZ.AAA. Initiating NSE at 11:01 Completed NSE at 11:01, 40.04s elapsed Nmap scan report for server.domain.tld (XXX.YYY.ZZZ.AAA) Host is up (0.012s latency). Not shown: 65524 filtered ports PORT STATE SERVICE VERSION 25/tcp open smtp Microsoft Exchange ESMTP | smtp-commands: server.domain.tld Hello [YYY.XXX.AAA.ZZZ], SIZE 104693760, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, AUTH NTLM LOGIN, 8BITMIME, BINARYMIME, CHUNKING |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT 80/tcp open http Microsoft IIS httpd 7.5 |_http-methods: No Allow or Public header in OPTIONS response (status code 302) | http-title: Object moved |_Did not follow redirect to HTTPS://SERVER.DOMAIN.TLD/ 110/tcp open pop3 MS Exchange 2007 pop3d |_pop3-capabilities: OK(K) STLS TOP UIDL 143/tcp open imap Microsoft Exchange 2007-2008 imapd |_imap-capabilities: IMAP4 STARTTLS IMAP4rev1 UIDPLUS LOGINDISABLED LITERAL+ IDLE NAMESPACE CHILDREN 443/tcp open ssl/http Microsoft IIS httpd 7.5 |_sslv2: server still supports SSLv2 |_http-methods: No Allow or Public header in OPTIONS response (status code 302) | http-title: Document Moved |_Did not follow redirect to https://server.domain.tld/owa/ 445/tcp open netbios-ssn 808/tcp open ccproxy-http? 993/tcp open ssl/imap Microsoft Exchange 2007-2008 imapd |_imap-capabilities: AUTH=GSSAPI IMAP4 AUTH=NTLM AUTH=PLAIN UIDPLUS IMAP4rev1 LITERAL+ IDLE NAMESPACE CHILDREN 995/tcp open ssl/pop3 MS Exchange 2007 pop3d |_pop3-capabilities: OK(K) UIDL USER TOP SASL(NTLM GSSAPI PLAIN) [B]6006/tcp open msrpc Microsoft Windows RPC 46354/tcp open msrpc Microsoft Windows RPC[/B] Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running (JUST GUESSING): Microsoft Windows Vista|2008|7|2003 (87%) Aggressive OS guesses: Microsoft Windows Vista (87%), Microsoft Windows Server 2008 SP1 (86%), Microsoft Windows Vista SP0 - SP2, Server 2008, or Windows 7 Ultimate (86%), Microsoft Windows Vista SP1 (86%), Microsoft Windows Vista SP2 (86%), Microsoft Windows 7 (85%), Microsoft Windows Vista Business (85%), Microsoft Windows Vista SP0 or SP1 (85%), Microsoft Windows Server 2003 (85%) No exact OS matches for host (test conditions non-ideal). Uptime guess: 9.599 days (since Mon Sep 05 20:39:33 2011) Network Distance: 1 hop TCP Sequence Prediction: Difficulty=256 (Good luck!) IP ID Sequence Generation: Busy server or unknown class Service Info: OS: Windows Host script results: |_smbv2-enabled: Server supports SMBv2 protocol | smb-os-discovery: | OS: Windows Small Business Server 2011 Standard 7600 (Windows Small Business Server 2011 Standard 6.1) | Name: DOMAIN\SERVER |_ System time: 2011-09-15 11:01:04 UTC+2 TRACEROUTE (using port 80/tcp) HOP RTT ADDRESS 1 0.00 ms server.domain.tld (XXX.YYY.ZZZ.AAA) |
Что можете сказать про безопасность? Какие риски есть?
больше всего волнуют 80, 445, 6006 и 46354 порты.
Имеет смысл сделать скан с UDP портами?
Спасибо.