Nmap Vs Portsentry And Kill Port

-
Goodnight loyal readers art explo1t , this evening I returned to write a simple post but be bad if we leave it alone. before attackers exploit should first perform port scanning against their targets through the slit to know where they will infiltrate.

Equipment:
1. Nmap
2. Portsentry
3. Fuser

Here I use the Kali Linux operation system, so both the above equipments have been installed by default unless portsentry and we have to install it manually.

I did the following test:
nmap -sV localhost

nmap -T4 -A -v localhost


Seen in the picture above, nmap managed to find 4 open ports, and whether to enable portsentry can affect the workings of nmap. let's rock =))

Install Portsentry:
# apt-get install portsentry

then edit portsentry.conf
# nano /etc/portsentry/portsentry.conf

Configuration blocking UDP / TCP scans to ignore options. search this section :
BLOCK_UDP="0"
BLOCK_TCP="0"

then replace with this:
BLOCK_UDP="1"
BLOCK_TCP="1"
The case serves to block TCP and UDP port scanning.

blocking configuration with the host in order to block the connection Ipchain. subsequent search this section and uncheck #
KILL_ROUTE="/sbin/iptables -I INPUT -s $TARGET$ -j DROP"
To reject clicking attacker host connections using iptables when caught doing scanning activities

Filtering configuration with TCP wrapper host. subsequent search this section and uncheck #
KILL_HOSTS_DENY="ALL: $TARGET$ : DENY"
IP filter acces host attacker when caught doing port scanning on a network.

then save the settings above and starting a portsentry:
# service portsentry start
or
# /etc/init.d/portsentry start
so, i then re-scan using nmap like the first step of the above:
# nmap -sV localhost


# nmap -T4 -A -v localhost

Seen in the picture above portsentry successfully manipulate the port scanning is done by Nmap

To Determine the activity of the portsentry data through syslog:
# tail -f /var/log/syslog


Further to close open ports ports can use the fuser:
# nmap -O localhost

seen on the picture above to ssh port 22 is open, then I will kill the port:
# fuser -k 22/tcp

options -k for kill port
after killing the port and then I look back on open ports:
seen in the picture above that the port 22 for ssh has been closed


Regards Exploit:
Hidemichi-Hiroyuki a.k.a [H2]

Comments

Post a Comment

Do Not Fuckin Spamming

Popular posts from this blog

Decrypt MD5 $Wordpress

-
Image
Hy, I'm back again. I will discuss how to Decrypt a password in the form the MD5 hash wordpress. here are some examples of hash md5 encryption wordpress will we Decrypt: HASH                                                                                  PASS $P$BDHjLCEroc8ujkcs8RZxOhcE80aV5h.           : th3sweety0ne  $P$BPXNfl3mZiO7PZc4XZqFFjX7TyP7Lh.           : Pabl0-saChez $P$BqilSln8PD9SBFuTx8KkaXz62aIIvV/             : m4rim4r123 $P$BnfObieGq5ygdt0OMgwbnKvFt8EFUs.          : Gh0stTrac3 $P$B.RwpJQV8ANOyl19RGHhCaYYgJyvQM1  : *12345*0a0b0c0d many of my friends are overwhelmed when decrypt wordpress md5 hash. so are they wasting their jobs because the...
Read more

Exploit Samba "SmbClient"

-
Image
Such as FTP (File Transfer Protocol) samba include things like getting files from the server to the local machine, putting files from the local machine to the server, retrieving directory information from the server and so on. in this case we have to get the victim to allow shared folders or files. Equipments : 1. SmbClient 2. Nmap 3. Metasploit The firstStep. scanning port the victim's ip-address using Nmap. in here that we need right port is port   445  microsoft-ds. # Nmap (Victim Ip-Address) seen in the picture above. I am lucky :) now, let us look the contents of the port # nmap -p445 --script=smb-os-discovery (Victim Ip-Address) --script=smb-os-discovery : Attempts to determine the operating system, computer name, domain, workgroup, and current time over the SMB protocol (ports 445 or 139) . seen in the picture above, it turns out the victim we use Operating System Windows 7 Ultimate.  Computer Name And NetBIOS Name is a ANONYMOUS-...
Read more

Configure Pure-FTP on Kali Linux

-
Image
FTP or file transfer protocol is a protocol that allows you to transfer files to and from a remote machine. BackTrack has pure-FTPd installed by default. FTP operates on port 21. Contents : 1. Installasion 2. Configuration 3. Run Installation Pure-Ftpd # apt-get install pure-ftpd Installation Success =)) Configure Ftpd add new group: # groupadd ftpgroup add user: # useradd -g ftpgroup -d /dev/null -s /etc ftpuser -g =  name or ID of the primary group of the new account -d = home directory of the new account -s = login shell of the new account configure store a list of users: # pure-pw useradd myftp -u ftpuser -d /home/ftp/pub/myftp myftp = your ftp username please enter you password. configure puredb database file # pure-pw mkdb The next entry to the directory /etc/pure-ftpd/auth/ # cd /etc/pure-ftpd/auth then Create hard links by default: # ln -s ../conf/PureDB 60pdb then, make a directory /ftp...
Read more