Ongorora zviteshi uye masevhisi mumaminitsi mashanu: gwara rinoshanda

Kana iwe uchinetsekana netiweki yako yekurwiswa kwenzvimbo, yekuongorora zviteshi uye masevhisi ndiyo yekutanga cheki yekuchengetedza yaunofanirwa kuita. Nemaodha mashoma akanyatsosarudzwa, unogona kuona mumaminetsi zvauri kufumura.Ndedzipi njodzi dzauri kutora, uye panogona kumuka matambudziko? Iwe haufanirwe kuve guru: negwara rakajeka uye maturusi emahara, iyi yekutarisa chidimbu chekeke.

Zvisinei, zvakakosha kuchengeta pfungwa mbiri mupfungwa: Inoongorora chete masisitimu aunotonga kana ane mvumo yekuwana.Uye yeuka, kuona hakuna kufanana nekushandisa. Pano iwe unozodzidza kuona izvo zvakavhurika, kuziva masevhisi, uye kusimudzira chengetedzo, kwete maitiro ekukanganisa masisitimu evamwe vanhu. Nezvo zvakajeka, ngatidzikei kubhizinesi negwaro iri rekuti ungaongorora sei madoko ako akafumurwa nemasevhisi.

Zvinorevei port scanning (uye nei uchizviita)

Chiteshi inzvimbo inonzwisisika yekupinda/kubuda pane IP kero. Pane 65.535 TCP/UDP zviteshi pakero Uye imwe neimwe inogona kuvhurwa, kuvharwa, kana kusefa nefirewall. Munhu anorwisa achiongorora anogona kuona mumasekonzi kuti ndeapi masevhisi auri kutsikisa uye neshanduro ipi.

Iyo mepu inogona kuratidza zvakawanda kupfuura zvaunofungidzira: sevhisi metadata, shanduro dzine tsikidzi dzinozivikanwa, kana maitiro ekushandisa systemKana mumwe munhu akawana mukana kuburikidza nesevhisi yakakanganwa kana isina kurongeka, vanogona kuwedzera kurwisa kwavo uye kukanganisa mapassword, mafaera, uye zvishandiso.

Kuti uderedze kuratidzwa, mutemo wegoridhe uri nyore: Usavhure mamwe madoko pane zvakafanira, uye nguva nenguva tarisa iwo aunoda.Hushoma hwemaitiro (scans, firewall, updates) zvakanyanya kuderedza njodzi.

Zvishandiso zvakaita seNmap/Zenmap, TCPing, kana mamwe ane simba ekuongorora network mhinduro dzinobatsira nebasa iri. Nmap ndiyo de facto standard Zenmap inomira pachena nekurongeka kwayo, maitiro akasiyana-siyana, uye injini yekunyora, uye inopa graphical interface kune avo vanosarudza kudzivirira iyo console.

Iyo Nmap Inoshanda (Izvo Zvinokosha Zvaunoda Kuziva)

Nmap inoona zvishandiso nemasevhisi pamanetiweki emunharaunda neInternet, uye inogona tsvaga madoko, shanduro dzebasa, uye kunyange kufungidzira sisitimu yekushandisaIyo muchinjika-chikuva (Linux, Windows, macOS) uye inotsigira IPv4 uye IPv6, ichishanda nezvose zviri zviviri zvinangwa uye hukuru hukuru.

Zviteshi zvinoonekwa nematunhu akakosha kunzwisisa: vhura (sevhisi iri kuteerera), yakavharwa (inowanika asi isina sevhisi)uye yakasvibiswa (firewall inodzivirira kuziva)Zvichienderana nehunyanzvi, vanogona kuoneka vakasanganiswa se open|sefa o yakavharwa|sefa.

Panyaya yehunyanzvi, inotsigira TCP SYN (inokurumidza uye yakangwara) scans, TCP yekubatanidza (yakazara kubatana), UDP, uye mashoma akajairika modes senge. FIN, NULL, Xmas, ACK kana SCTPInoita zvakare kuwanikwa kwevaenzi uchishandisa TCP/UDP/ICMP pings uye inoteedzera network nzira.

Pamusoro pekuverenga, Nmap inosanganisira NSE (Nmap Scripting Engine) Yezviyedzo zveotomatiki: kubva pakunyorwa kwekutanga kusvika kune macheki ekugadzirisa uye, nekuchenjerera kukuru, kutariswa kwekusagadzikana. Gara zvishandise zvine hutsika.

Kuisa uye kuseta mumaminitsi

PaLinux, Nmap iri mune huru repositori, saka zvese zvaunoda ndeye sudo apt install nmap (Debian/Ubuntu) kana murairo wakaenzana we distro yako. Vhura iyo package maneja uye mese magadzirira.Chinhu chechokwadi.

PaWindows uye macOS, dhawunirodha kubva kune yayo yepamutemo webhusaiti uye zadzisa iyo wizard. Installation iri nyore Uye, kana uchida, unogona kuwedzera Zenmap yeruzivo rwemifananidzo ine predefined scanning profiles.

Kurumidza uye kunoshanda scans: mirairo iwe yaunoda chaizvo

Kuti utarise nekukurumidza kune mugamuchiri: nmap Iyi mbiri inotarisa zviteshi zvakanyanya uye inokuratidza kuti ndeapi akavhurika. Yakanaka semufananidzo wekutanga tisati tapinda zvakadzama.

Kana iwe uchida kudzikamisa ports: nmap -p 20-200 192.168.1.2Unogona kunyora chaiwo (-p 22,80,443) chero kunyangwe munhu wese (-p 1-65535), uchiziva kuti zvichatora nguva yakareba.

Kuti udzidze nezve masevhisi neshanduro, wedzera -sVuye ye kuona iyo inoshanda sisitimu, -O (zviri nani neropafadzo): nmap -sV -O 192.168.1.2Kana iwe uchida kuenda "full throttle," iyo mbiri -A zvinosanganisa -sV, -Odefault zvinyorwa uye --traceroute.

Pane firewall here? Edza nzira dzinobatsira kurongedza kusefa, senge -sA (ACK) kana nzira dzekuwana ne -PS/-PA/-PU/-PE. Kune network yakakura kwazvoRongedza kumhanya ne -T0..-T5 uye inomisa zviteshi ne --top-ports.

Kuwanikwa kwekugamuchira uye kusarudzwa kwechinangwa

Kuti uzive zvinorarama pane subnet unogona kushandisa ping-scan: nmap -sn 192.168.1.0/24. Iwe uchawana runyorwa rwemichina inoshanda uye iwe unogona kutarisa pfuti yako pane izvo zvinokufadza iwe.

Kana iwe ukabata makuru mazita, shandisa -iL kuverenga zvinangwa kubva mufaira uye --exclude o --excludefile kudzivisa zvisingafaniri kubatwa. Randomize vagamuchiri ne --randomize-hosts Inogona kubatsira mune zvimwe zvirwere.

Kuturikira mhinduro senyanzvi

Kuti chiteshi vhura Inoratidza sevhisi yekuteerera uye inogona kuitika. Yakavharwa Zvinoratidza kuti muenzi ari kudaira, asi hapana sevhisi; inobatsira pakuonekwa kweOS uye pakusarudza kana kusefa nefirewall. Yakasefetwa Izvi zvinoratidza kuti kutonga kwepakati kuri kuvharira kana kusapindura, saka Nmap haigone kuvimbisa nyika.

Yeuka kuti Kuonekwa kweOS hakusi kutadzaIzvo zvinoenderana ne latency, zvigunwe zvemunwe, uye zvepakati zvishandiso. Rishandise senhungamiro, kwete sechokwadi chakakwana.

NSE: Zvinyorwa zvinobatsira uye kushandiswa zvine musoro

NSE mapoka manyoro nemapoka: default (zvakakosha), mvumo (kutendeseka), kuwanikwa (kuzivikanwa), yakachengeteka (asingapindire), intrusive (zvinogona kuita ruzha), vuln (kuongororwa kwekusagadzikana), malware/backdoor (zviratidzo zvekuzvipira) nevamwe. Unogona kuvadaidza navo --script uye fambisa nharo navo --script-args.

Zviri kuyedza kukanda zvese kunze uko, asi dzivirira ruzha rusina basa: zvinyorwa zvisingaperi uye izvo zviri muchikamu chakachengeteka Vanopa kuoneka kwepamusoro nekuderera kwemaitiro. Ongororo dzakatarisana nenjodzi dzakakosha, asi simbisa zvawanikwa uye woita zvine hungwaru kudzivirira manyepo.

Pane zvinyorwa zvinoedza kumanikidza zvitupa kana kuyedza mamiriro ane hukasha. Usaite zviito zvinokanganisa pasina mvumo yakajekaInoganhurira mashandisiro ayo kune zvigadziriso zverabhoritari kana kudzora maekisesaizi nemvumo.

Featured scanning types

-sS (SYN): nekukurumidza uye "hafu-yakavhurika", haipedzi kubata ruoko, inobatsira zvikuru pakuverenga pachiteshi. Ideal balance pakati pekukurumidza uye zvakadzama.

-sT (TCP batanidza)Inoshandisa iyo system stack kupedzisa kubatana; zvinonyanya kuoneka, asi hapana ropafadzo dzinodiwa high.

-sU (UDP)Yakakosha kumasevhisi akaita seDNS, SNMP, uye DHCP. Inononoka nekuda kwechimiro cheUDP, saka define ports kana kushandisa --top-ports kukurumidza.

Mamwe mashoma akajairika (FIN/NULL/Xmas/ACK, SCTP, IP protocol) batsira kurongedza kusefa kare. nzwisisa kuti firewall inoongorora seiVashandise serutsigiro kana nzira huru isingajekese nyika.

Kuita, tsanangudzo uye kubuda kwemigumisiro

Nguva profiles -T0..-T5 Vanogadzirisa cadence (paranoid, stealthy, normal, aggressive, kupenga). Tanga neT3 uye inogadzirisa zvinoenderana ne latency uye saizi yechinangwa.

Levels of verbosity -v uye kugadzirisa -d Vanokubatsira kuona zvinoitika panguva yekuongorora. Nekuda kwemavara akanaka, --packet-trace Inoratidza mapakeji anobuda uye anodzoka.

Kuti uchengetedze mhinduro: -oN (inoverengwa), -oX (XML), -oG (grepable) kana -oA (zvose panguva imwe chete). Nguva dzose tumira kunze kana uchizoenzanisa scans nekufamba kwenguva.

Zvakadini ne firewall/IDS bypass?

Nmap inopa sarudzo dzakadai se -f (kuparadzana), kunyengera (-D), kunyepedzera kunobva IP kero (-S), --g (chiteshi chengarava) kana --spoof-mac. Aya ndiwo maitiro epamusoro ane pamutemo uye anoshanda maitiroKuongorora kwemukati kwekudzivirira hakuwanzodikanwa; tarisa pakuonekwa uye kugadzirisa.

Zenmap: Nmap ine graphical interface

Zenmap inopa mafaera akadai se "Quick Scan", "Intense", "TCP/UDP" uye inopa ma tabo e Nmap Output, Ports/Services, Topology, Details, uye Saved ScansYakanakira kunyora zvakawanikwa uye kune avo vanoda kuona iyo topology nekudzvanya.

Zvimwe zvishandiso zvinowedzera

Mune masisitimu emuno, ss y netstat Vanoratidza zvigadziko zvekuteerera uye zviteshi. Semuyenzaniso, ss -tulnp TCP/UDP yekuteerera runyoro nePID, uye unogona kusefa nechiteshi kana protocol. lsof -i Izvo zvinobatsirawo pakubatanidza zvinongedzo kune maitiro.

Kutarisa kubatana kune imwe nzvimbo iri kure, telnet host puerto kana vamwe vatengi vanogona kushandira (nehanya, kubvira Telnet haina encryptWireshark inobatsira kuona traffic uye kunzwisisa kuti sei chimwe chinhu chisiri kupindura kana kuti firewall inochisefa sei.

Pakati pedzimwe nzira, Masscan Iyo inomira pachena nekumhanya kwayo (yakakura scans munguva pfupi), Fing/Fingbox yekukurumidza hevhesi uye kutonga kumba, Hasha IP Scanner nokuda kwekureruka kwayo, uye WinMTR kuongorora nzira uye latency. scapey Iine simba rekugadzirisa mapakeji uye kuedza.

Kana iwe uchida chimwe chinhu chiri nyore, TCPing inokubvumira kuti utarise kuwanikwa kweTCP sekunge uri pinging ports. Zviri nyore kune imwe-off check-ins.kunyange zvazvo isingatsivi scan yakazara.

WiFi network kuongororwa

Kunyangwe isu tichiwanzo funga nezve wired, Nmap inoshandawo zvisina waya. Ziva zvishandiso zvakabatana kune routerInotarisa nharembozha, IoT, uye AP ports uye inobatsira kuona isina kusimba zvigadziriso (semuenzaniso, zvisina basa masevhisi akafumurwa).

Ramba uchifunga mupfungwa DHCP dynamic range uye rudzi rwe network encryption. Yakasanganiswa neWireshark inobata kana masutu seAircrack-ng mumarabhu anodzorwa, iwe unenge uine mufananidzo wakazara wenzvimbo.

Maitiro akanaka ekuomesa

1) Zvishoma zvinodiwaUsavhure chero chinhu chausiri kuzoshandisa. Kana sevhisi isingachadiwi, dzima uye uvhare chiteshi chayo.

2) MafirewallInosefa traffic inouya/inobuda zvichienderana nebasa remudziyo. Pama routers, inotsanangura mitemo yakajeka uye inodzivirira kudzokororwa kusingakoshi. Inosimbisa kubva painternet kuti chii chinofanira kuvharwa chakanyatsovharwa.

3) Zvichangobva KugadzirwaInoshandisa zvigamba zvehurongwa, router firmware, uye masevhisi akaburitswa. Mazhinji ekukanganisa anoshandisa shanduro dzekare nemaCVE anozivikanwa.

4) Kutarisa: inoronga nguva nenguva uye inochengetedza mhinduro mukati -oA kuenzanisa. Kana chiteshi chikaonekwa chisipo kare, ongorora shanduko.

5) Mitemo uye kudzidziswaMumakambani, tsanangura kuti ndiani anoongorora, rini, uye nemaprofiles api. Dzidzisa vashandi mukushandisa zvine hungwaru kweNSE uye manejimendi ezvakawanikwa, uye maitiro ekugadzirisa zvinyorwa.

Zvakanakira uye zvinogumira zveNmap

Zvakanakisa: Yemahara, inochinjika, uye inokwanisa zvikuruTsvaga zviteshi, shanduro, OS, batanidza zvinyorwa, uye kutumira kunze nemazvo. Icho chishandiso chekuenda kune admins, maodhita, uye zvikwata zvinopindura.

Izvo zvakaderera: zvinogona kudaro yakavharwa nefirewall, gadzira ruzha mumatanda Kana iwe uchinyanya hutsinye, OS/sevhisi yekuona haina kukwana nguva dzose. Uyezve, mamwe maturusi (semuenzaniso, maindasitiri kana zvekurapa) izvo Havabvumiri intrusive scans zvakanaka.

Kurumidza 5-mineti cheki (yakachengeteka uye inoshanda)

1) Tsvaga mauto anoshanda ne nmap -sn 192.168.1.0/24. Sarudza dzinokufadza yedanho rinotevera.

2) Common ports ne nmap -sS o --top-ports 1000 kutarisa pane zvakajairwa. Watova nemepu yekutanga.

3) Wedzera -sV kuwana mavhezheni akavhurika uye -O kana iwe uchida iyo operating system profile. Export ne -oA kuchengetedza humbowo.

4) Kana iwe ukaona chimwe chinhu chisina kujairika (semuenzaniso, yakavhurika 23/tcp telnet), tarisa sevhisi uye uvhare / kusefa kana isina kukosha. Shandisa zvigamba nemitemo kana shanduro yasakara.

Mirairo uye sarudzo dzinobatsira kuva nazvo

Kuwanikwa: -PS (SYN ping), -PA (ACK), -PU (UDP), -PE (ICMP Echo), --traceroute (nzira). Inobatsira pakuronga chiyero uye kuona kuvharika kwepakati.

Port techniques: -sS, -sT, -sU, -sA, -sN/-sF/-sX, -sO. Sarudza maererano nechinangwa uye zvakatipoteredza.

Kusarudzwa kwechiteshi: -p (range/rondedzero), --top-ports n, -F (runyoro rwekukurumidza rwe100 inonyanya kuzivikanwa), -r (sequential). Isa nguva parutivi.

Service/SO: -sV, --version-all, --version-trace, -O, --max-os-tries, --fuzzy. Inobatsira pakutsanangura kwakanaka.

Kubuda: -oN, -oX, -oG, -oA, --resume. Usakanganwa kuchengetedza uye kukwanisa kutangazve kana ikavhiringwa.

Tarisa madoko kubva kune system (Windows / Linux)

PaWindows, ine PowerShell kana CMD, netstat -ano Rondedzero yekubatanidza uye yekuteerera ports nePID. Sefa nemaitiro uye anoona kuti ndiani anovhura chii.

PaLinux/macOS, ss -tulnp Inounganidza chinhu chimwe chete nenzira yemazuva ano, uye lsof -i Inobvumira kuyambuka maitiro uye zvigadziko. Izvo zvakakosha pakuenzanisa zviwanikwa kubva pakuongorora nemasevhisi chaiwo.

Firewalls: Vhara zvausingade

Muzvikwata, tsanangura mitemo yekupinda/kubuda nesevhisi uye chimiro (semuenzaniso, “dzikamisa SSH kuwana kune yakavimbika IPs"). Pa routerIyo inodzora kutumira kwechiteshi uye inodzivirira kufumura mapaneru kana masevhisi nekusarudzika. Simbisa kubva painternet neNmap kuti chaunotenda kuti chakavharwa chakavharwa.

Kiyi yekuongororwa kwakanaka kwechiteshi kusanganisa kuoneka, kutonga, uye kuenderana: Ona zvakavhurika, nzwisisa kuti sevhisi iri kuseri kwaro ndeipi, sarudza kana ichifanira kuvhurika, uye chengeta ichivandudzwa.NeNmap/Zenmap, masisitimu ekushandisa, uye yakanaka mafirewall maitiro, unogona kuderedza kuratidzwa kwako mumaminetsi uye kuichengeta iri pasi pesimba nekuongororwa nguva dzose. Skena nehungwaru, nyora shanduko dzako, uye usarege chiteshi chakakanganikwa chive gedhi remusoro wako unotevera.