segurtasuna

txaparrotan 1456153267024 Txaparrotan | 2006-05-19 10:38

Nondik datoz birusak? Seguru al gaude sarean zehar nabegatzen?Troianoak, spyware, malware...
Demagun internet autopista dela. Eta gure ordenagailura sartzeko peajea dagoela, barrera asko dituen ordainsariak. Horietako batzuk irekita daude, beste batzuk ez.
Zer sartzen da horietatik? Ikus dezagun

PORT      STATE         SERVICE
25/tcp    open          smtp

Ajan, Antigen, Barok,
Email Password Sender - EPS, EPS II, Gip,
Gris, Happy99, Hpteam mail, Hybris, I love you,
Kuang2, Magic Horse, MBT (Mail Bombing Trojan),
Moscow Email trojan, Naebi, NewApt worm,
ProMail trojan, Shtirlitz, Stealth, Tapiras,
Terminator, WinPC, WinSpy, Bancos, Mitglieder,
Chimo, W32.Beagle, W32.HLLP.Sality, Rustock
Common problem(s): Clear text communications, improperly configured servers that allow email to be relayed, resulting in spam

53/tcp    open          domain
Esteems, Civcat, W32.Spybot, W32.Dasher

80/tcp    open          http
711 trojan (Seven Eleven), AckCmd, Back End,
Back Orifice 2k Plug-Ins, Cafeini, CGI Backdoor,
Executor, God Message, God Message Creator,
Hooker, IISworm, MTX, NCX,
Reverse WWW Tunnel Backdoor, RingZero,
Seeker, WAN Remote, Web Server CT,
WebDownloader, Xeory, Zombam, W32.Yaha,
Ketch, Mydoom, W32.Welchia,
W32.HLLW.Doomjuice, W32.HLLW.Heycheck,
W32.Gaobot, W32.HLLW.Polybot, W32.Beagle,
W32.Spybot, Mindos, Hexem, Eaghouse, Tabela,
W32.Ifbo, W32.Pinkton, W32.Tdiserv, W32.Bobax,
W32.Theals, Banito, W32.Lile, Darkmoon, Bifrose,
Lodear, Civcat, Muquest, W32.Feebs, Bebshell,
Hesive

137/udp   open|filtered netbios-ns
Msinit, Femot

138/udp   open|filtered netbios-dgm
W32.Spybot
139/tcp   open          netbios-ssn
God Message worm, Msinit, Netlog,
Network, Qaz, W32.HLLW.Deborms,
W32.HLLW.Moega, W32.Yaha,W32.Cissi,
W32.Reidana, W32.Licum, W32.Spybot,
W32.Kiman

443/tcp   open          https
Tabdim, W32.Kelvir, Civcat, W32.Kiman
Common problem(s): Man in the middle attack (using dsniff for example).

631/tcp   open          ipp
W32.HLLW.Gaobot, W32.HLLW.Lioten,
W32.HLLW.Deloder, W32.Slackor,
W32.HLLW.Nebiwo, W32.HLLW.Moega,
W32.HLLW.Deborms, W32.Yaha, Randex,
W32.Bolgi.Worm,W32.Cissi, W32.Welchia,
W32.HLLW.Polybot, W32.Sasser, W32.Cycle,
W32.Bobax, W32.Kibuv.Worm, W32.Korgo,
W32.Explet, Otinet, W32.Scane, W32.Aizu
Rtkit, W32.Spybot, W32.Janx, Netdepix,
W32.Wallz, W32.Mytob, W32.Ifbo, W32.Reatle,
W32.Zotob, Secefa, W32.Kiman
Common problem(s): Attacks against print servers are common, the most common IPP server CUPS has suffered a number of serious flaws over the years, many of which are due to it's PDF processing code being taken directly from xpdf (an X Windowing System based program for viewing PDF files on UNIX), from the CVE database

1024/udp  open|filtered unknown
RAT:NetSpy, Jade, Latinus, Randex,
W32.Mydoom, Lingosky

10000/tcp open          snet-sensor-mgmt
OpwinTRojan, W32.Dumaru, Nibu

Fauna hori guztia sar daiteke.
Suhesiek kontrolatzen dute barrera horien egoera, eta gainera intrusio sistema horiek ere detekta ditzakegu.
Horretarako, firestarter eta snort programak ditugu.
Baina hori geroxeago.


Leave a Comment: