Ismaele
11.03.2014, 16.22
Salve a tutti,
e' la prima volta che posto qui sul forum che trovo ricco di informazioni e ben organizzato.
Vi disturbo xche' vorrei sapere come stoppare da shell almeno il servizio Joomla! e Apache, che per il momento non mi occorrono.
Inoltre non capisco xche' sia perennemente in stato LISTENING anche la porta 53 sul VPS
Riporto di seguito l'output di nmap :
--------------------------------------
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-11 16:18 ora solare Europa occidentale
NSE: Loaded 110 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Ping Scan at 16:18
Scanning 176.31.184.xxx [4 ports]
Completed Ping Scan at 16:18, 0.21s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 16:18
Completed Parallel DNS resolution of 1 host. at 16:18, 0.02s elapsed
Initiating SYN Stealth Scan at 16:18
Scanning xxx.ip-176-31-184.eu (176.31.184.xxx) [65535 ports]
Discovered open port 80/tcp on 176.31.184.xxx
Discovered open port 53/tcp on 176.31.184.xxx
Discovered open port 22/tcp on 176.31.184.xxx
Discovered open port 3690/tcp on 176.31.184.xxx
SYN Stealth Scan Timing: About 16.98% done; ETC: 16:21 (0:02:32 remaining)
Increasing send delay for 176.31.184.xxx from 0 to 5 due to max_successful_tryno increase to 5
Increasing send delay for 176.31.184.xxx from 5 to 10 due to max_successful_tryno increase to 6
Warning: 176.31.184.xxx giving up on port because retransmission cap hit (6).
SYN Stealth Scan Timing: About 17.55% done; ETC: 16:24 (0:04:47 remaining)
SYN Stealth Scan Timing: About 20.42% done; ETC: 16:26 (0:05:55 remaining)
SYN Stealth Scan Timing: About 24.18% done; ETC: 16:27 (0:06:19 remaining)
SYN Stealth Scan Timing: About 44.74% done; ETC: 16:29 (0:05:53 remaining)
SYN Stealth Scan Timing: About 52.51% done; ETC: 16:30 (0:05:21 remaining)
SYN Stealth Scan Timing: About 58.68% done; ETC: 16:30 (0:04:46 remaining)
SYN Stealth Scan Timing: About 64.43% done; ETC: 16:30 (0:04:11 remaining)
SYN Stealth Scan Timing: About 69.87% done; ETC: 16:30 (0:03:35 remaining)
SYN Stealth Scan Timing: About 75.32% done; ETC: 16:30 (0:02:58 remaining)
SYN Stealth Scan Timing: About 80.76% done; ETC: 16:31 (0:02:20 remaining)
SYN Stealth Scan Timing: About 85.90% done; ETC: 16:31 (0:01:44 remaining)
SYN Stealth Scan Timing: About 91.14% done; ETC: 16:31 (0:01:05 remaining)
Completed SYN Stealth Scan at 16:31, 745.20s elapsed (65535 total ports)
Initiating Service scan at 16:31
Scanning 4 services on xxx.ip-176-31-184.eu (176.31.184.xxx)
Completed Service scan at 16:31, 11.18s elapsed (4 services on 1 host)
Initiating OS detection (try #1) against xxx.ip-176-31-184.eu (176.31.184.xxx)
Retrying OS detection (try #2) against xxx.ip-176-31-184.eu (176.31.184.xxx)
Initiating Traceroute at 16:31
Completed Traceroute at 16:31, 3.02s elapsed
Initiating Parallel DNS resolution of 12 hosts. at 16:31
Completed Parallel DNS resolution of 12 hosts. at 16:31, 0.11s elapsed
NSE: Script scanning 176.31.184.xxx.
Initiating NSE at 16:31
Completed NSE at 16:31, 2.66s elapsed
Nmap scan report for xxx.ip-176-31-184.eu (176.31.184.xxx)
Host is up (0.051s latency).
Not shown: 65353 closed ports, 178 filtered ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 6.0p1 Debian 4 (protocol 2.0)
| ssh-hostkey: 1024 73:a9:61:1a:07:c5:00:da:7b:03:3e:38:d7:fe:59:d7 (DSA)
|_2048 3d:97:8a:ee:36:83:06:1b:94:6e:ec:35:2f:59:08:d4 (RSA)
53/tcp open domain
| dns-nsid:
|_ bind.version: 9.8.4-rpz2+rl005.12-P1
80/tcp open http Apache httpd
|_http-favicon: Unknown favicon MD5: 8894791E84F5CAFEBD47311D14A3703C
|_http-generator: Joomla! - Open Source Content Management
|_http-methods: No Allow or Public header in OPTIONS response (status code 200)
|_http-title: Home
3690/tcp open svnserve Subversion
Aggressive OS guesses: Linux 2.6.32 - 3.9 (96%), Linux 2.6.32 (94%), Linux 2.6.32 - 3.2 (94%), Linux 3.0 - 3.9 (94%), Linux 2.6.32 - 3.6 (94%), Linux 3.0 - 3.1 (93%), Linux 2.6.38 - 3.0 (93%), Linux 3.8 (92%), Linux 2.6.39 (92%), Netgear DG834G WAP or Western Digital WD TV media player (92%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 14.059 days (since Tue Feb 25 15:06:11 2014)
Network Distance: 14 hops
TCP Sequence Prediction: Difficulty=259 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE (using port 1025/tcp)
HOP RTT ADDRESS
1 1.00 ms 192.168.1.1
2 2.00 ms 10.141.84.201
3 23.00 ms 10.140.85.33
4 23.00 ms 10.255.254.46
5 39.00 ms Asbr1.core1-Ge0-0-0.welcomeitalia.it (80.93.131.1)
6 40.00 ms 6-2-1.bear1.Italy2.Level3.net (212.133.7.17)
7 45.00 ms ae-12-12.ebr4.Frankfurt1.Level3.net (4.69.142.222)
8 56.00 ms ae-64-64.csw1.Frankfurt1.Level3.net (4.69.163.18)
9 ... 10
11 57.00 ms rbx-g2-a9.fr.eu (178.33.100.250)
12 57.00 ms rbx-s10-6k.fr.eu (178.33.100.126)
13 57.00 ms 222.ip-176-31-184.eu (176.31.184.222)
14 55.00 ms xxx.ip-176-31-184.eu (176.31.184.xxx)
NSE: Script Post-scanning.
Initiating NSE at 16:31
Completed NSE at 16:31, 0.00s elapsed
Read data files from: C:\Program Files (x86)\Nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 770.34 seconds
Raw packets sent: 67273 (2.962MB) | Rcvd: 66972 (2.714MB)
-------------------------------------------------------------------------------------------------------------------------------------
Il sistema operativo e' un Debian Wheezy
Grazie a tutti per l'attenzione e l'eventuale aiuto.
Ismaele
e' la prima volta che posto qui sul forum che trovo ricco di informazioni e ben organizzato.
Vi disturbo xche' vorrei sapere come stoppare da shell almeno il servizio Joomla! e Apache, che per il momento non mi occorrono.
Inoltre non capisco xche' sia perennemente in stato LISTENING anche la porta 53 sul VPS
Riporto di seguito l'output di nmap :
--------------------------------------
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-11 16:18 ora solare Europa occidentale
NSE: Loaded 110 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Ping Scan at 16:18
Scanning 176.31.184.xxx [4 ports]
Completed Ping Scan at 16:18, 0.21s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 16:18
Completed Parallel DNS resolution of 1 host. at 16:18, 0.02s elapsed
Initiating SYN Stealth Scan at 16:18
Scanning xxx.ip-176-31-184.eu (176.31.184.xxx) [65535 ports]
Discovered open port 80/tcp on 176.31.184.xxx
Discovered open port 53/tcp on 176.31.184.xxx
Discovered open port 22/tcp on 176.31.184.xxx
Discovered open port 3690/tcp on 176.31.184.xxx
SYN Stealth Scan Timing: About 16.98% done; ETC: 16:21 (0:02:32 remaining)
Increasing send delay for 176.31.184.xxx from 0 to 5 due to max_successful_tryno increase to 5
Increasing send delay for 176.31.184.xxx from 5 to 10 due to max_successful_tryno increase to 6
Warning: 176.31.184.xxx giving up on port because retransmission cap hit (6).
SYN Stealth Scan Timing: About 17.55% done; ETC: 16:24 (0:04:47 remaining)
SYN Stealth Scan Timing: About 20.42% done; ETC: 16:26 (0:05:55 remaining)
SYN Stealth Scan Timing: About 24.18% done; ETC: 16:27 (0:06:19 remaining)
SYN Stealth Scan Timing: About 44.74% done; ETC: 16:29 (0:05:53 remaining)
SYN Stealth Scan Timing: About 52.51% done; ETC: 16:30 (0:05:21 remaining)
SYN Stealth Scan Timing: About 58.68% done; ETC: 16:30 (0:04:46 remaining)
SYN Stealth Scan Timing: About 64.43% done; ETC: 16:30 (0:04:11 remaining)
SYN Stealth Scan Timing: About 69.87% done; ETC: 16:30 (0:03:35 remaining)
SYN Stealth Scan Timing: About 75.32% done; ETC: 16:30 (0:02:58 remaining)
SYN Stealth Scan Timing: About 80.76% done; ETC: 16:31 (0:02:20 remaining)
SYN Stealth Scan Timing: About 85.90% done; ETC: 16:31 (0:01:44 remaining)
SYN Stealth Scan Timing: About 91.14% done; ETC: 16:31 (0:01:05 remaining)
Completed SYN Stealth Scan at 16:31, 745.20s elapsed (65535 total ports)
Initiating Service scan at 16:31
Scanning 4 services on xxx.ip-176-31-184.eu (176.31.184.xxx)
Completed Service scan at 16:31, 11.18s elapsed (4 services on 1 host)
Initiating OS detection (try #1) against xxx.ip-176-31-184.eu (176.31.184.xxx)
Retrying OS detection (try #2) against xxx.ip-176-31-184.eu (176.31.184.xxx)
Initiating Traceroute at 16:31
Completed Traceroute at 16:31, 3.02s elapsed
Initiating Parallel DNS resolution of 12 hosts. at 16:31
Completed Parallel DNS resolution of 12 hosts. at 16:31, 0.11s elapsed
NSE: Script scanning 176.31.184.xxx.
Initiating NSE at 16:31
Completed NSE at 16:31, 2.66s elapsed
Nmap scan report for xxx.ip-176-31-184.eu (176.31.184.xxx)
Host is up (0.051s latency).
Not shown: 65353 closed ports, 178 filtered ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 6.0p1 Debian 4 (protocol 2.0)
| ssh-hostkey: 1024 73:a9:61:1a:07:c5:00:da:7b:03:3e:38:d7:fe:59:d7 (DSA)
|_2048 3d:97:8a:ee:36:83:06:1b:94:6e:ec:35:2f:59:08:d4 (RSA)
53/tcp open domain
| dns-nsid:
|_ bind.version: 9.8.4-rpz2+rl005.12-P1
80/tcp open http Apache httpd
|_http-favicon: Unknown favicon MD5: 8894791E84F5CAFEBD47311D14A3703C
|_http-generator: Joomla! - Open Source Content Management
|_http-methods: No Allow or Public header in OPTIONS response (status code 200)
|_http-title: Home
3690/tcp open svnserve Subversion
Aggressive OS guesses: Linux 2.6.32 - 3.9 (96%), Linux 2.6.32 (94%), Linux 2.6.32 - 3.2 (94%), Linux 3.0 - 3.9 (94%), Linux 2.6.32 - 3.6 (94%), Linux 3.0 - 3.1 (93%), Linux 2.6.38 - 3.0 (93%), Linux 3.8 (92%), Linux 2.6.39 (92%), Netgear DG834G WAP or Western Digital WD TV media player (92%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 14.059 days (since Tue Feb 25 15:06:11 2014)
Network Distance: 14 hops
TCP Sequence Prediction: Difficulty=259 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE (using port 1025/tcp)
HOP RTT ADDRESS
1 1.00 ms 192.168.1.1
2 2.00 ms 10.141.84.201
3 23.00 ms 10.140.85.33
4 23.00 ms 10.255.254.46
5 39.00 ms Asbr1.core1-Ge0-0-0.welcomeitalia.it (80.93.131.1)
6 40.00 ms 6-2-1.bear1.Italy2.Level3.net (212.133.7.17)
7 45.00 ms ae-12-12.ebr4.Frankfurt1.Level3.net (4.69.142.222)
8 56.00 ms ae-64-64.csw1.Frankfurt1.Level3.net (4.69.163.18)
9 ... 10
11 57.00 ms rbx-g2-a9.fr.eu (178.33.100.250)
12 57.00 ms rbx-s10-6k.fr.eu (178.33.100.126)
13 57.00 ms 222.ip-176-31-184.eu (176.31.184.222)
14 55.00 ms xxx.ip-176-31-184.eu (176.31.184.xxx)
NSE: Script Post-scanning.
Initiating NSE at 16:31
Completed NSE at 16:31, 0.00s elapsed
Read data files from: C:\Program Files (x86)\Nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 770.34 seconds
Raw packets sent: 67273 (2.962MB) | Rcvd: 66972 (2.714MB)
-------------------------------------------------------------------------------------------------------------------------------------
Il sistema operativo e' un Debian Wheezy
Grazie a tutti per l'attenzione e l'eventuale aiuto.
Ismaele