iptables vs MS Forefront TMG 2010

среда, 26 августа 2020

05:49

Stalkert

И это всё МОЁ

Всем привет.

В одной компании есть древний Forefront TMG 2010 Standard. Настройки у него по умолчанию. Открытые наружу порты:

8080, 3389, 25, 480.

В другой тоже есть открытые порты и используется iptables.

С помощью nmap просканировал все порты.

Хост с Forefront:

nmap -p 1-65535 -T4 -A -v 82.162.xx.xx

Starting Nmap 7.80 ( nmap.org ) at 2020-08-26 09:05 Iineianeia a?aiy (ceia)

NSE: Loaded 151 scripts for scanning.

NSE: sсript Pre-scanning.

Initiating NSE at 09:05

Completed NSE at 09:05, 0.00s elapsed

Initiating NSE at 09:05

Completed NSE at 09:05, 0.00s elapsed

Initiating NSE at 09:05

Completed NSE at 09:05, 0.00s elapsed

Initiating Ping Scan at 09:05

Scanning 82.162.xx.xx [4 ports]

Completed Ping Scan at 09:05, 2.08s elapsed (1 total hosts)

Nmap scan report for 82.162.xx.xx [host down]

NSE: sсript Post-scanning.

Initiating NSE at 09:05

Completed NSE at 09:05, 0.00s elapsed

Initiating NSE at 09:05

Completed NSE at 09:05, 0.00s elapsed

Initiating NSE at 09:05

Completed NSE at 09:05, 0.00s elapsed

Read data files from: C:\Program Files (x86)\Nmap

Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn

Nmap done: 1 IP address (0 hosts up) scanned in 4.14 seconds

           Raw packets sent: 8 (304B) | Rcvd: 0 (0B)

Хост с iptables

nmap -p 1-65535 -T4 -A -v 193.106.xx.xx

Starting Nmap 7.80 ( nmap.org ) at 2020-08-26 09:36 Iineianeia a?aiy (ceia)

NSE: Loaded 151 scripts for scanning.

NSE: sсript Pre-scanning.

Initiating NSE at 09:36

Completed NSE at 09:36, 0.00s elapsed

Initiating NSE at 09:36

Completed NSE at 09:36, 0.00s elapsed

Initiating NSE at 09:36

Completed NSE at 09:36, 0.00s elapsed

Initiating Ping Scan at 09:36

Scanning 193.106.xx.xx [4 ports]

Completed Ping Scan at 09:36, 0.07s elapsed (1 total hosts)

Initiating Parallel DNS resolution of 1 host. at 09:36

Completed Parallel DNS resolution of 1 host. at 09:36, 0.04s elapsed

Initiating SYN Stealth Scan at 09:36

Scanning cp174.iqhost.ru (193.106.xx.xx) [65535 ports]

Discovered open port 3306/tcp on 193.106.xx.xx

Discovered open port 80/tcp on 193.106.xx.xx

Discovered open port 21/tcp on 193.106.xx.xx

Discovered open port 443/tcp on 193.106.xx.xx

SYN Stealth Scan Timing: About 8.29% done; ETC: 09:42 (0:05:43 remaining)

SYN Stealth Scan Timing: About 12.60% done; ETC: 09:44 (0:07:03 remaining)

SYN Stealth Scan Timing: About 16.72% done; ETC: 09:45 (0:07:33 remaining)

Discovered open port 222/tcp on 193.106.xx.xx

SYN Stealth Scan Timing: About 34.17% done; ETC: 09:47 (0:07:04 remaining)

SYN Stealth Scan Timing: About 39.70% done; ETC: 09:47 (0:06:29 remaining)

SYN Stealth Scan Timing: About 46.08% done; ETC: 09:47 (0:05:56 remaining)

Discovered open port 3310/tcp on 193.106.xx.xx

SYN Stealth Scan Timing: About 51.97% done; ETC: 09:47 (0:05:20 remaining)