the_g_cat Posté(e) le 23 mars 2004 Partager Posté(e) le 23 mars 2004 'jour !! Voilà, j'ai un routeur/firewall sous linux, et je voulais juste, si certains d'entre vous s'y connaissent assez, avoir un petit audit de sécurité (savoir si il tient la route quoi ...). MP pour l'adresse !! Merci Lien vers le commentaire Partager sur d’autres sites More sharing options...
Dark26 Posté(e) le 23 mars 2004 Partager Posté(e) le 23 mars 2004 http://www.auditmypc.com/freescan/scanoptions.asp il ya plein d'autres sites pour ça ... Lien vers le commentaire Partager sur d’autres sites More sharing options...
Dark26 Posté(e) le 23 mars 2004 Partager Posté(e) le 23 mars 2004 aqu pire tu tapes iptables -L et tu es fixé Lien vers le commentaire Partager sur d’autres sites More sharing options...
the_g_cat Posté(e) le 23 mars 2004 Auteur Partager Posté(e) le 23 mars 2004 Ca fait quoi iptables -L ?? Et pis l'autre site fait un scan de ports, et ça, j'avais déjà fait ... Lien vers le commentaire Partager sur d’autres sites More sharing options...
Dark26 Posté(e) le 23 mars 2004 Partager Posté(e) le 23 mars 2004 Si tu es sous linux, tu as 90 % de chances que ton firewall se base sur iptable.. iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpt:6666 ACCEPT udp -- anywhere anywhere udp dpt:6666 ACCEPT tcp -- anywhere anywhere tcp dpt:6882 ACCEPT udp -- anywhere anywhere udp dpt:6882 ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- anywhere anywhere tcp dpt:www ACCEPT tcp -- anywhere anywhere tcp dpt:smtp Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere ensuite suffit de lire et de décryter ..... on voit les ports ouvert de la machine ici 6666, 6882, hhtps ( 443), www ( 80) , smtp ( 25) voila Lien vers le commentaire Partager sur d’autres sites More sharing options...
the_g_cat Posté(e) le 23 mars 2004 Auteur Partager Posté(e) le 23 mars 2004 root@ipcop:~ # iptables -LChain INPUT (policy DROP) target prot opt source destination ipac~o all -- anywhere anywhere BADTCP all -- anywhere anywhere tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 10/sec burst 5 CUSTOMINPUT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere DROP all -- 127.0.0.0/8 anywhere DROP all -- anywhere 127.0.0.0/8 ACCEPT all -- anywhere anywhere state NEW ACCEPT all -- anywhere anywhere DHCPBLUEINPUT all -- anywhere anywhere IPSECRED all -- anywhere anywhere IPSECBLUE all -- anywhere anywhere WIRELESSINPUT all -- anywhere anywhere RED all -- anywhere anywhere XTACCESS all -- anywhere anywhere state NEW LOG all -- anywhere anywhere limit: avg 10/min burst 5 LOG level warning prefix `INPUT ' Chain FORWARD (policy DROP) target prot opt source destination ipac~fi all -- anywhere anywhere ipac~fo all -- anywhere anywhere BADTCP all -- anywhere anywhere TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU CUSTOMFORWARD all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere state NEW ACCEPT all -- anywhere anywhere WIRELESSFORWARD all -- anywhere anywhere PORTFWACCESS all -- anywhere anywhere state NEW LOG all -- anywhere anywhere limit: avg 10/min burst 5 LOG level warning prefix `OUTPUT ' Chain OUTPUT (policy ACCEPT) target prot opt source destination ipac~i all -- anywhere anywhere Chain BADTCP (2 references) target prot opt source destination PSCAN tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG PSCAN tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE PSCAN tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN PSCAN tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST PSCAN tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN NEWNOTSYN tcp -- anywhere anywhere tcp flags:!SYN,RST,ACK/SYN state NEW Chain CUSTOMFORWARD (1 references) target prot opt source destination Chain CUSTOMINPUT (1 references) target prot opt source destination Chain DHCPBLUEINPUT (1 references) target prot opt source destination Chain DMZHOLES (0 references) target prot opt source destination Chain IPSECBLUE (1 references) target prot opt source destination Chain IPSECRED (1 references) target prot opt source destination Chain LOG_DROP (0 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 10/min burst 5 LOG level warning DROP all -- anywhere anywhere Chain LOG_REJECT (0 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 10/min burst 5 LOG level warning REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain NEWNOTSYN (1 references) target prot opt source destination LOG all -- anywhere anywhere limit: avg 10/min burst 5 LOG level warning prefix `NEW not SYN? ' DROP all -- anywhere anywhere Chain PORTFWACCESS (1 references) target prot opt source destination ACCEPT tcp -- anywhere 192.168.0.102 tcp dpt:4662 ACCEPT udp -- anywhere 192.168.0.102 udp dpt:rfa Chain PSCAN (5 references) target prot opt source destination LOG tcp -- anywhere anywhere limit: avg 10/min burst 5 LOG level warning prefix `TCP Scan? ' LOG udp -- anywhere anywhere limit: avg 10/min burst 5 LOG level warning prefix `UDP Scan? ' LOG icmp -- anywhere anywhere limit: avg 10/min burst 5 LOG level warning prefix `ICMP Scan? ' LOG all -f anywhere anywhere limit: avg 10/min burst 5 LOG level warning prefix `FRAG Scan? ' DROP all -- anywhere anywhere Chain RED (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp spt:bootps dpt:bootpc ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc Chain WIRELESSFORWARD (1 references) target prot opt source destination Chain WIRELESSINPUT (1 references) target prot opt source destination Chain XTACCESS (1 references) target prot opt source destination ACCEPT tcp -- anywhere ip53.168.1211H-CUD12K-02.ish.de tcp dpt:ident Chain ipac~fi (1 references) target prot opt source destination all -- anywhere anywhere all -- anywhere anywhere Chain ipac~fo (1 references) target prot opt source destination all -- anywhere anywhere all -- anywhere anywhere Chain ipac~i (1 references) target prot opt source destination all -- anywhere anywhere all -- anywhere anywhere Chain ipac~o (1 references) target prot opt source destination all -- anywhere anywhere all -- anywhere anywhere Bon, je me lance dans le décryptage (peut-être qu'en demandant au décrypton ) ... Lien vers le commentaire Partager sur d’autres sites More sharing options...
Messages recommandés
Archivé
Ce sujet est désormais archivé et ne peut plus recevoir de nouvelles réponses.