Centos verifica porturile deschise
Dec. 16, 2015, 3:10 p.m. centos
Centos 7 cum verificam ce porturi sunt deschise
Este recomandat să folosim nmap pentru a afla ce porturi avem deschise pe sistemul nostru. Dacă avem OS X va trebui să folosim brew pentru a instala nmap:
92-168-0-104:~ razvansky$ nmap
-bash: nmap: command not found
192-168-0-104:~ razvansky$ brew install nmap
==> Installing dependencies for nmap: openssl
==> Installing nmap dependency: openssl
==> Downloading https://homebrew.bintray.com/bottles/openssl-1.0.2e.yosemite.bottle.tar.gz
######################################################################## 100.0%
==> Pouring openssl-1.0.2e.yosemite.bottle.tar.gz
==> Caveats
A CA file has been bootstrapped using certificates from the system
keychain. To add additional certificates, place .pem files in
/usr/local/etc/openssl/certs
and run
/usr/local/opt/openssl/bin/c_rehash
This formula is keg-only, which means it was not symlinked into /usr/local.
Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries
Generally there are no consequences of this for you. If you build your
own software and it requires this formula, you'll need to add to your
build variables:
LDFLAGS: -L/usr/local/opt/openssl/lib
CPPFLAGS: -I/usr/local/opt/openssl/include
==> Summary
🍺 /usr/local/Cellar/openssl/1.0.2e: 465 files, 17M
==> Installing nmap
==> Downloading https://homebrew.bintray.com/bottles/nmap-7.00.yosemite.bottle.tar.gz
######################################################################## 100.0%
==> Pouring nmap-7.00.yosemite.bottle.tar.gz
==> Caveats
Python modules have been installed and Homebrew's site-packages is not
in your Python sys.path, so you will not be able to import the modules
this formula installed. If you plan to develop with these modules,
please run:
mkdir -p /Users/razvansky/Library/Python/2.7/lib/python/site-packages
echo 'import site; site.addsitedir("/usr/local/lib/python2.7/site-packages")' >> /Users/razvansky/Library/Python/2.7/lib/python/site-packages/homebrew.pth
==> Summary
🍺 /usr/local/Cellar/nmap/7.00: 713 files, 24M
192-168-0-104:~ razvansky$ nmap -sT -O localhost
TCP/IP fingerprinting (for OS scan) requires root privileges.
QUITTING!
192-168-0-104:~ razvansky$ sudo nmap -sT -O localhost
Password:
Starting Nmap 7.00 ( https://nmap.org ) at 2015-12-16 17:15 EET
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000067s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 963 closed ports, 29 filtered ports
PORT STATE SERVICE
88/tcp open kerberos-sec
445/tcp open microsoft-ds
631/tcp open ipp
3689/tcp open rendezvous
8000/tcp open http-alt
20005/tcp open btx
49153/tcp open unknown
49154/tcp open unknown
Device type: general purpose
Running: Apple Mac OS X 10.7.X
OS CPE: cpe:/o:apple:mac_os_x:10.7.2
OS details: Apple Mac OS X 10.7.2 (Lion) (Darwin 11.2.0)
Network Distance: 0 hops
OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 7.29 seconds
Pentru mai multe informații despre verificarea porturilor cu nmap pentru CentOS în limba engleză.
PS Nu ar fi rau daca am deschis SSH pe portul standard 22 sa instalam si fail2ban:
$ sudo yum install fail2ban
# setăm un fisier config jail pentru sshd:
$ sudo vi /etc/fail2ban/jail.d/sshd.local
$ sudo systemctl restart fail2ban
$ sudo fail2ban-client status
Status
|- Number of jail: 1
`- Jail list: sshd
$ sudo fail2ban-client status sshd
Status for the jail: sshd
|- Filter
| |- Currently failed: 0
| |- Total failed: 5742
| `- File list: /var/log/secure
`- Actions
|- Currently banned: 6
|- Total banned: 6
`- Banned IP list: 195.154.104.191 218.200.188.213 124.133.2.85 193.104.41.54 218.65.30.92 5.189.171.29