Saturday, 10 March 2012

Firewalk

Firewalk is an active information-gathering tool that lets us determine which layer 4 packets a target device passes, that is, the ACLs (Access Control Lists) on a firewall or router. Firewalk sends TCP or UDP packets with a TTL one greater than the number of hops to the target firewall or router. If the firewall or router permits the traffic, it forwards the packet to the device at the next hop; if it does not, it drops the packet. The tool is used as follows:

Firewalk 5.0 [gateway ACL scanner]
Usage : firewalk [options] target_gateway metric
[-d 0 - 65535] destination port to use (ramping phase)
[-h] program help
[-i device] interface
[-n] do not resolve IP addresses into hostnames
[-p TCP | UDP] firewalk protocol
[-r] strict RFC adherence
[-S x - y, z] port range to scan
[-s 0 - 65535] source port
[-T 1 - 1000] packet read timeout in ms
[-t 1 - 25] IP time to live
[-v] program version
[-x 1 - 8] expire vector

Looking at our example:
When we run traceroute to www.linux.org, we find that 207.245.34.122 is the firewall or router on the path. Starting from there, let's use Firewalk to determine which ports this firewall or router does not filter.
# traceroute -n www.linux.org
traceroute to www.linux.org (198.182.196.56), 64 hops max, 40 byte packets
1  192.168.2.1  2.983 ms  3.789 ms  3.496 ms
2  213.243.9.3  7.992 ms  8.680 ms  8.735 ms
3  88.255.240.65  10.956 ms  18.525 ms  14.493 ms
4  212.156.118.5  18.853 ms  9.291 ms  105.685 ms
5  212.156.103.33  64.524 ms  66.362 ms  65.646 ms
6  195.50.122.133  76.891 ms  76.485 ms  75.915 ms
7  4.69.139.97  75.176 ms  75.751 ms  74.515 ms
8  4.69.137.78  144.678 ms 4.69.137.74  143.691 ms 4.69.137.66  145.680 ms
9  4.69.134.66  157.610 ms 4.69.134.70  151.257 ms 4.69.134.66  152.681 ms
10  4.68.16.132  145.483 ms 4.68.16.4  145.896 ms 4.68.16.132  148.717 ms
11  4.53.84.222  144.165 ms  145.504 ms  144.907 ms
12  199.212.172.2  163.333 ms  163.14 ms  163.31 ms
13  216.191.132.150  166.523 ms  172.162 ms  165.313 ms
14  207.245.34.122  176.788 ms  164.56 ms  167.560 ms
15  198.182.196.56  166.898 ms  171.668 ms  168.291 ms

Here we run the tool with 207.245.34.122 as the target_gateway and 198.182.196.56 as the metric. We use TCP as the protocol and 80 as the port.

# firewalk -i vic1 -n -p tcp -s 80 -d 80 207.245.34.122 198.182.196.56
Firewalk 5.0 [gateway ACL scanner]
Firewalk state initialization completed successfully.
TCP-based scan.
Ramping phase source port: 80, destination port: 80
Hotfoot through 207.245.34.122 using 198.182.196.56 as a metric.
Ramping Phase:

1 (TTL  1): expired [192.168.2.1]
2 (TTL  2): expired [213.243.9.3]
3 (TTL  3): expired [88.255.240.65]
4 (TTL  4): expired [212.156.118.5]
5 (TTL  5): expired [212.156.103.33]
6 (TTL  6): expired [195.50.122.133]
7 (TTL  7): expired [4.69.139.97]
8 (TTL  8): expired [4.69.137.70]
9 (TTL  9): expired [4.69.134.78]
10 (TTL 10): expired [4.68.16.196]
11 (TTL 11): expired [4.53.84.222]
12 (TTL 12): expired [199.212.172.2]
13 (TTL 13): expired [216.191.132.146]
14 (TTL 14): expired [207.245.34.122]

Binding host reached.
Scan bound at 15 hops.
Scanning Phase:

port   1: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port   2: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port   3: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port   4: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port   5: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port   6: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port   7: *no response*
port   8: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port   9: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  10: *no response*
port  11: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  12: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  13: *no response*
port  14: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  15: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  16: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  17: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  18: *no response*
port  19: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  20: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  21: *no response*
port  22: A! open (port listen) [198.182.196.56]
port  23: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  24: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  25: unknown (unreach ICMP_UNREACH_FILTER_PROHIB) [213.243.9.3]
port  26: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  27: *no response*
port  28: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  29: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  30: *no response*
port  31: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  32: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  33: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  34: *no response*
port  35: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  36: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  37: *no response*
port  38: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  39: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  40: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  41: *no response*
port  42: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  43: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  44: *no response*
port  45: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  46: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  47: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  48: *no response*
port  49: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  50: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  51: *no response*
port  52: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  53: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  54: *no response*
port  55: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  56: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  57: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  58: *no response*
port  59: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  60: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  61: *no response*
port  62: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  63: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  64: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  65: *no response*
port  66: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  67: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  68: *no response*
port  69: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  70: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  71: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  72: *no response*
port  73: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  74: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  75: *no response*
port  76: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  77: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  78: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  79: *no response*
port  80: A! open (port listen) [198.182.196.56]
port  81: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  82: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  83: *no response*
port  84: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  85: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  86: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  87: *no response*
port  88: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  89: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  90: *no response*
port  91: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  92: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  93: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  94: *no response*
port  95: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  96: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  97: *no response*
port  98: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  99: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 100: *no response*
port 101: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 102: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 103: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 104: *no response*
port 105: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 106: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 107: *no response*
port 108: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 109: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 110: *no response*
port 111: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 112: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 113: A! open (port listen) [198.182.196.56]
port 114: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 115: *no response*
port 116: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 117: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 118: *no response*
port 119: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 120: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 121: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 122: *no response*
port 123: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 124: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 125: *no response*
port 126: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 127: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 128: *no response*
port 129: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 130: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 139: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port 1025: A! open (port not listen) [198.182.196.56]
Scan completed successfully.
Total packets sent:                146
Total packet errors:               0
Total packets caught               114
Total packets caught of interest   111
Total ports scanned                132
Total ports open:                  4
Total ports unknown:               93

The scan results show that the firewall or router on the path to www.linux.org allows these 4 ports through, even if www.linux.org is not listening on them.
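When auditing your own gateway, the scanning-phase output above is easier to review once it is parsed and compared against the ACL you intended. The following is an added example, not part of the original post or of Firewalk itself: it parses lines in the format shown above, groups ports by result, lists replies that came from a hop other than the gateway or the metric host (as with port 25 in the output), and reports ports passed by the gateway that are missing from an intended policy. The `allowed` set and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

GATEWAY = "207.245.34.122"   # target_gateway used on this page
METRIC = "198.182.196.56"    # metric host used on this page

# Subset of the scanning-phase lines shown in the output above.
SAMPLE = """\
port  21: *no response*
port  22: A! open (port listen) [198.182.196.56]
port  23: unknown (unreach ICMP_UNREACH_PORT) [207.245.34.122]
port  25: unknown (unreach ICMP_UNREACH_FILTER_PROHIB) [213.243.9.3]
port  80: A! open (port listen) [198.182.196.56]
port 113: A! open (port listen) [198.182.196.56]
port 1025: A! open (port not listen) [198.182.196.56]
"""

LINE = re.compile(
    r"^port\s+(\d+):\s+"
    r"(?:\*no response\*|(A! open|unknown) \(([^)]*)\) \[([\d.]+)\])\s*$")

def parse_scan(text):
    """Return {port: (status, detail, responder)} for each scanning-phase line."""
    results = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # banner, ramping-phase and totals lines are skipped
        port, status, detail, responder = m.groups()
        if status is None:
            results[int(port)] = ("no response", None, None)
        else:
            results[int(port)] = (status.replace("A! ", ""), detail, responder)
    return results

def summarize(results, gateway=GATEWAY, metric=METRIC):
    """Group ports by status; list replies sent by neither gateway nor metric."""
    summary = defaultdict(list)
    for port, (status, detail, responder) in sorted(results.items()):
        summary[status].append(port)
        if responder and responder not in (gateway, metric):
            summary["answered elsewhere"].append((port, responder, detail))
    return dict(summary)

def unexpected_open(results, allowed):
    """Ports the gateway passed that are not in the intended policy (assumed set)."""
    return sorted(p for p, r in results.items() if r[0] == "open" and p not in allowed)
```

Calling `unexpected_open(parse_scan(output), {80})` on a saved scan lists every port the gateway forwards beyond a policy that is meant to allow only port 80.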
