Scribd Logo
Carica

Benvenuto in Scribd!

  • Escaneo de Vulnerabilidades

    Caricato da

    Edinson Layza Barreto
    73 visualizzazioni12 pagine
    vulnerabilidad

    Copyright

    © © All Rights Reserved

    Formati disponibili

    DOCX, PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    vulnerabilidad

    Copyright:

    © All Rights Reserved
    Scarica in formato DOCX, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    73 visualizzazioni12 pagine

    Escaneo de Vulnerabilidades

    Caricato da

    Edinson Layza Barreto
    vulnerabilidad

    Copyright:

    © All Rights Reserved
    Scarica in formato DOCX, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 12

    INFORME DE ESCANEO DE VULNERABILIDADES

    1. OBJETIVO

    Se desea identificar y mitigar las posibles vulnerabilidades en la red interna. Esto se realizará con el
    fin evaluar los controles existentes y mejorar la seguridad de los equipos y sistemas informáticos
    que existen en Conastec S.R.L. preservar la Confidencialidad, Integridad y Disponibilidad.

    2. ALCANCE

    Se escanearán todos los dispositivos encontrados en la red interna.

    3. DESCRIPCIÓN

    Se procederá a utilizar el ESCANEO DE VULNERABILIDADES de Nessus.

    El escaneo contará con lo siguiente:

     Nombre: Breve alias para el escaneo.


     Rango IP: Colocar el rango de IPs en el que realizará el escaneo.
     Fecha: 7.12.2017
     Hora: 1:52pm

    4. RESUMEN DE LOS RESULTADOS

    Se realizó el siguiente escaneo de vulnerabilidades:

    NOMBRE RANGO IP
    LAN_CONASTEC 172.24.64.1 – 172.24.64.254
    En la siguiente tabla se muestran las vulnerabilidades encontradas:

    NOMBRE DE LA VULNERABILIDAD TIPO DE VULNERABILIDAD IP SEVERIDAD


    172.24.64.36
    MS17-010: Security Update for Microsoft Windows SMB Server Acceso Remoto 172.24.64.200 Crítica
    172.24.64.223
    172.24.64.226
    Unix Operating System Unsupported Version Detection Acceso Remoto Crítica
    172.24.64.249
    172.24.64.36
    MS11-030: Vulnerability in DNS Resolution Could Allow Remote Code Execution Acceso Remoto Crítica
    172.24.64.200
    172.24.64.200
    MS14-066: Vulnerability in Schannel Could Allow Remote Code Execution Acceso Remoto Crítica
    172.24.64.244
    Microsoft IIS 6.0 Unsupported Version Detection Acceso Remoto 172.24.64.223 Crítica
    172.24.64.5
    Acceso a recurso
    Oracle TNS Listener Remote Poisoning 172.24.64.8 Alta
    compartido de red
    172.24.64.36
    Acceso a recurso 172.24.64.250
    Microsoft Windows SMB Shares Unprivileged Access Alta
    compartido de red 172.24.64.251
    172.24.64.200
    MS12-020: Vulnerabilities in Remote Desktop Could Allow Remote Code Execution Acceso Remoto Alta
    172.24.64.223
    172.24.64.134
    IPMI v2.0 Password Hash Disclosure Acceso Remoto Alta
    172.24.64.135
    Unsupported Web Server Detection Servidor Web 172.24.64.223 Alta
    OpenSSL Heartbeat Information Disclosure (Heartbleed) Acceso Remoto 172.24.64.135 Alta
    OpenSSL 'ChangeCipherSpec' MiTM Vulnerability Acceso Remoto 172.24.64.134 Alta
    172.24.64.5 (tcp/1830)
    172.24.64.5 (tcp/3389)
    172.24.64.5 (tcp/5500)
    SSL Medium Strength Cipher Suites Supported Acceso Remoto 172.24.64.5 (tcp/5556) Media
    172.24.64.5 (tcp/6701)
    172.24.64.5 (tcp/8890)
    172.24.64.35 (tcp/3389)
    NOMBRE DE LA VULNERABILIDAD TIPO DE VULNERABILIDAD IP SEVERIDAD
    172.24.64.38 (tcp/3389)
    172.24.64.39 (tcp/3389)
    172.24.64.74 (tcp/3389)
    172.24.64.200 (tcp/1433)
    172.24.64.200 (tcp/3389)
    172.24.64.202 (tcp/443)
    172.24.64.202 (tcp/5061)
    172.24.64.203 (tcp/443)
    172.24.64.203 (tcp/5061)
    172.24.64.204 (tcp/443)
    172.24.64.204 (tcp/5061)
    172.24.64.205 (tcp/443)
    172.24.64.205 (tcp/5061)
    172.24.64.241 (tcp/3389)
    172.24.64.243 (tcp/3389)
    172.24.64.244 (tcp/3389)
    172.24.64.249 (tcp/443)
    172.24.64.5 (tcp/1830)
    172.24.64.5 (tcp/3389)
    172.24.64.5 (tcp/5500)
    172.24.64.5 (tcp/5556)
    172.24.64.5 (tcp/6701)
    172.24.64.5 (tcp/8890)
    172.24.64.35 (tcp/3389)
    SSL 64-bit Block Size Cipher Suites Supported Acceso Remoto Media
    172.24.64.38 (tcp/3389)
    172.24.64.39 (tcp/3389)
    172.24.64.74 (tcp/3389)
    172.24.64.200 (tcp/1433)
    172.24.64.200 (tcp/3389)
    172.24.64.202 (tcp/443)
    172.24.64.202 (tcp/5061)
    NOMBRE DE LA VULNERABILIDAD TIPO DE VULNERABILIDAD IP SEVERIDAD
    172.24.64.203 (tcp/443)
    172.24.64.203 (tcp/5061)
    172.24.64.204 (tcp/443)
    172.24.64.204 (tcp/5061)
    172.24.64.205 (tcp/443)
    172.24.64.205 (tcp/5061)
    172.24.64.241 (tcp/3389)
    172.24.64.243 (tcp/3389)
    172.24.64.244 (tcp/3389)
    172.24.64.249 (tcp/443)
    172.24.64.5 (tcp/443)
    172.24.64.5 (tcp/1830)
    172.24.64.5 (tcp/3389)
    172.24.64.5 (tcp/5500)
    172.24.64.5 (tcp/5556)
    172.24.64.5 (tcp/8890)
    172.24.64.35 (tcp/3389)
    172.24.64.38 (tcp/3389)
    172.24.64.39 (tcp/3389)
    172.24.64.74 (tcp/3389)
    SSL Certificate Cannot Be Trusted Certificado no confiable 172.24.64.200 (tcp/1433) Media
    172.24.64.200 (tcp/3389)
    172.24.64.202 (tcp/443)
    172.24.64.202 (tcp/5061)
    172.24.64.203 (tcp/5061)
    172.24.64.204 (tcp/5061)
    172.24.64.205 (tcp/5061)
    172.24.64.240 (tcp/8834)
    172.24.64.241 (tcp/3389)
    172.24.64.243 (tcp/443)
    172.24.64.243 (tcp/3389)
    NOMBRE DE LA VULNERABILIDAD TIPO DE VULNERABILIDAD IP SEVERIDAD
    172.24.64.244 (tcp/3389)
    172.24.64.249 (tcp/443)
    172.24.64.5 (tcp/1830)
    172.24.64.5 (tcp/3389)
    172.24.64.5 (tcp/5500)
    172.24.64.5 (tcp/5556)
    172.24.64.5 (tcp/8890)
    172.24.64.35 (tcp/3389)
    172.24.64.38 (tcp/3389)
    172.24.64.74 (tcp/3389)
    172.24.64.200 (tcp/1433)
    SSL Certificate Signed Using Weak Hashing Algorithm Firma Digital Media
    172.24.64.200 (tcp/3389)
    172.24.64.202 (tcp/443)
    172.24.64.202 (tcp/5061)
    172.24.64.203 (tcp/5061)
    172.24.64.204 (tcp/5061)
    172.24.64.205 (tcp/5061)
    172.24.64.241 (tcp/3389)
    172.24.64.243 (tcp/3389)
    172.24.64.244 (tcp/3389)
    172.24.64.5 (tcp/445)
    172.24.64.8 (tcp/445)
    172.24.64.35 (tcp/445)
    172.24.64.36 (tcp/445)
    172.24.64.38 (tcp/445)
    SMB Signing Disabled Acceso Remoto 172.24.64.39 (tcp/445) Media
    172.24.64.40 (tcp/445)
    172.24.64.42 (tcp/445)
    172.24.64.44 (tcp/445)
    172.24.64.48 (tcp/445)
    172.24.64.74 (tcp/445)
    NOMBRE DE LA VULNERABILIDAD TIPO DE VULNERABILIDAD IP SEVERIDAD
    172.24.64.200 (tcp/445)
    172.24.64.223 (tcp/445)
    172.24.64.226 (tcp/445)
    172.24.64.244 (tcp/445)
    172.24.64.250 (tcp/445)
    172.24.64.251 (tcp/445)
    172.24.64.5 (tcp/1830)
    172.24.64.5 (tcp/3389)
    172.24.64.5 (tcp/5500)
    172.24.64.5 (tcp/8890)
    172.24.64.35 (tcp/3389)
    172.24.64.38 (tcp/3389)
    172.24.64.39 (tcp/3389)
    SSL Self-Signed Certificate Firma Digital 172.24.64.74 (tcp/3389) Media
    172.24.64.200 (tcp/1433)
    172.24.64.200 (tcp/3389)
    172.24.64.241 (tcp/3389)
    172.24.64.243 (tcp/443)
    172.24.64.243 (tcp/3389)
    172.24.64.244 (tcp/3389)
    172.24.64.249 (tcp/443)
    172.24.64.5 (tcp/1830)
    172.24.64.5 (tcp/5500)
    172.24.64.5 (tcp/5556)
    172.24.64.5 (tcp/6701)
    172.24.64.5 (tcp/8890)
    SSL Weak Cipher Suites Supported Cifrado SSL Media
    172.24.64.202 (tcp/443)
    172.24.64.202 (tcp/5061)
    172.24.64.203 (tcp/443)
    172.24.64.203 (tcp/5061)
    172.24.64.204 (tcp/443)
    NOMBRE DE LA VULNERABILIDAD TIPO DE VULNERABILIDAD IP SEVERIDAD
    172.24.64.204 (tcp/5061)
    172.24.64.205 (tcp/443)
    172.24.64.205 (tcp/5061)
    172.24.64.249 (tcp/443)
    172.24.64.5 (tcp/1830)
    172.24.64.5 (tcp/5500)
    172.24.64.5 (tcp/5500)
    172.24.64.5 (tcp/6701)
    SSL Version 2 and 3 Protocol Detection Acceso Remoto Media
    172.24.64.5 (tcp/8889)
    172.24.64.5 (tcp/8890)
    172.24.64.200 (tcp/1433)
    172.24.64.249 (tcp/443)
    172.24.64.5 (tcp/1830)
    172.24.64.5 (tcp/5500)
    172.24.64.5 (tcp/5556)
    172.24.64.5 (tcp/6701)
    SSL/TLS EXPORT_RSA <= 512-bit Cipher Suites Supported (FREAK) Acceso Remoto Media
    172.24.64.202 (tcp/5061)
    172.24.64.203 (tcp/5061)
    172.24.64.204 (tcp/5061)
    172.24.64.205 (tcp/5061)
    172.24.64.5 (tcp/3389)
    172.24.64.35 (tcp/3389)
    172.24.64.38 (tcp/3389)
    Microsoft Windows Remote Desktop Protocol Server Man-in-the-Middle Weakness Acceso Remoto 172.24.64.74 (tcp/3389) Media
    172.24.64.200 (tcp/3389)
    172.24.64.223 (tcp/3389)
    172.24.64.243 (tcp/3389)
    172.24.64.5 (tcp/443)
    172.24.64.5 (tcp/1830)
    SSL Certificate with Wrong Hostname Certificado SSL Media
    172.24.64.5 (tcp/3389)
    172.24.64.5 (tcp/5500)
    NOMBRE DE LA VULNERABILIDAD TIPO DE VULNERABILIDAD IP SEVERIDAD
    172.24.64.5 (tcp/8890)
    172.24.64.200 (tcp/1433)
    172.24.64.244 (tcp/3389)
    172.24.64.5 (tcp/3389)
    172.24.64.35 (tcp/3389)
    172.24.64.38 (tcp/3389)
    Terminal Services Encryption Level is Medium or Low Acceso Remoto 172.24.64.74 (tcp/3389) Media
    172.24.64.200 (tcp/3389)
    172.24.64.223 (tcp/3389)
    172.24.64.243 (tcp/3389)
    172.24.64.5 (tcp/1830)
    172.24.64.5 (tcp/5500)
    172.24.64.5 (tcp/5556)
    SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE) Acceso Remoto 172.24.64.5 (tcp/6701) Media
    172.24.64.5 (tcp/8890)
    172.24.64.200 (tcp/1433)
    172.24.64.249 (tcp/443)
    172.24.64.5 (tcp/3389)
    172.24.64.35 (tcp/3389)
    172.24.64.38 (tcp/3389)
    Terminal Services Doesn't Use Network Level Authentication (NLA) Only Acceso Remoto Media
    172.24.64.74 (tcp/3389)
    172.24.64.200 (tcp/3389)
    172.24.64.243 (tcp/3389)
    172.24.64.1 (tcp/0)
    172.24.64.202 (tcp/0)
    IP Forwarding Enabled Firewalls Media
    172.24.64.204 (tcp/0)
    172.24.64.205 (tcp/0)
    172.24.64.8 (tcp/3625)
    172.24.64.135 (tcp/22)
    SSH Weak Algorithms Supported Acceso Remoto Media
    172.24.64.226 (tcp/22)
    172.24.64.249 (tcp/22)
    NOMBRE DE LA VULNERABILIDAD TIPO DE VULNERABILIDAD IP SEVERIDAD
    172.24.64.36 (tcp/49155)
    MS16-047: Security Update for SAM and LSAD Remote Protocols (3148527) (Badlock) 172.24.64.200 (tcp/49154)
    Acceso Remoto Media
    (uncredentialed check) 172.24.64.244 (tcp/49155)
    172.24.64.244 (tcp/49182)
    172.24.64.223 (tcp/80)
    HTTP TRACE / TRACK Methods Allowed Servidor web 172.24.64.249 (tcp/80) Media
    172.24.64.249 (tcp/443)
    172.24.64.5 (tcp/1830)
    SSL Certificate Chain Contains Weak RSA Keys 172.24.64.5 (tcp/5500) Media
    172.24.64.5 (tcp/5556)
    172.24.64.134 (tcp/23)
    Unencrypted Telnet Server Acceso Remoto Media
    172.24.64.135 (tcp/23)
    172.24.64.1 (udp/123)
    Network Time Protocol (NTP) Mode 6 Scanner Media
    172.24.64.254 (udp/123)
    HTTP Proxy POST Request Relaying Proxy 172.24.64.254 (tcp/3128) Media
    DNS Server Cache Snooping Remote Information Disclosure Acceso Remoto 172.24.64.241 (udp/53) Media
    SSL Certificate Expiry Certificado expirado 172.24.64.249 (tcp/443) Media
    SSL / TLS Renegotiation Handshakes MiTM Plaintext Data Injection Acceso Remoto 172.24.64.5 (tcp/1830) Media
    Oracle Application Express (Apex) CVE-2011-3525 Acceso Remoto 172.24.64.8 (tcp/8080) Media
    Oracle Application Express (Apex) CVE-2012-1708 Acceso Remoto 172.24.64.8 (tcp/8080) Media
    TLS Padding Oracle Information Disclosure Vulnerability (TLS POODLE) Acceso Remoto 172.24.64.200 (tcp/1433) Media
    Apache Server ETag Header Information Disclosure Acceso Remoto 172.24.64.226 (tcp/80) Media
    SSL DROWN Attack Vulnerability (Decrypting RSA with Obsolete and Weakened
    Acceso Remoto 172.24.64.5 (tcp/5556) Media
    eNcryption)
    Samba Badlock Vulnerability
    Acceso Remoto 172.24.64.226 (tcp/445) Media
    172.24.64.5 (tcp/1830)
    172.24.64.5 (tcp/3389)
    172.24.64.5 (tcp/5500)
    SSL RC4 Cipher Suites Supported (Bar Mitzvah) Acceso Remoto Baja
    172.24.64.5 (tcp/5556)
    172.24.64.5 (tcp/6701)
    172.24.64.5 (tcp/8889)
    NOMBRE DE LA VULNERABILIDAD TIPO DE VULNERABILIDAD IP SEVERIDAD
    172.24.64.5 (tcp/8890)
    172.24.64.35 (tcp/3389)
    172.24.64.38 (tcp/3389)
    172.24.64.39 (tcp/3389)
    172.24.64.74 (tcp/3389)
    172.24.64.200 (tcp/1433)
    172.24.64.200 (tcp/3389)
    172.24.64.202 (tcp/443)
    172.24.64.202 (tcp/5061)
    172.24.64.203 (tcp/443)
    172.24.64.203 (tcp/5061)
    172.24.64.204 (tcp/443)
    172.24.64.204 (tcp/5061)
    172.24.64.205 (tcp/443)
    172.24.64.205 (tcp/5061)
    172.24.64.241 (tcp/3389)
    172.24.64.243 (tcp/3389)
    172.24.64.244 (tcp/3389)
    172.24.64.249 (tcp/443)
    172.24.64.5 (tcp/1830)
    172.24.64.5 (tcp/5500)
    172.24.64.5 (tcp/5556)
    172.24.64.5 (tcp/8890)
    SSL Certificate Chain Contains RSA Keys Less Than 2048 bits 172.24.64.200 (tcp/1433) Baja
    172.24.64.202 (tcp/5061)
    172.24.64.203 (tcp/5061)
    172.24.64.204 (tcp/5061)
    172.24.64.205 (tcp/5061)
    172.24.64.5 (tcp/3389)
    172.24.64.35 (tcp/3389)
    172.24.64.38 (tcp/3389)
    Terminal Services Encryption Level is not FIPS-140 Compliant Cifrado 172.24.64.74 (tcp/3389) Baja
    172.24.64.200 (tcp/3389)
    172.24.64.223 (tcp/3389)
    172.24.64.243 (tcp/3389)
    SSH Server CBC Mode Ciphers Enabled 172.24.64.1 (tcp/22) Baja
    NOMBRE DE LA VULNERABILIDAD TIPO DE VULNERABILIDAD IP SEVERIDAD
    172.24.64.8 (tcp/3625)
    172.24.64.134 (tcp/22)
    172.24.64.134 (tcp/115)
    172.24.64.135 (tcp/22)
    172.24.64.226 (tcp/22)
    172.24.64.249 (tcp/22)
    172.24.64.1 (tcp/22)
    172.24.64.8 (tcp/3625)
    172.24.64.134 (tcp/22)
    SSH Weak MAC Algorithms Enabled Acceso Remoto 172.24.64.134 (tcp/115) Baja
    172.24.64.135 (tcp/22)
    172.24.64.226 (tcp/22)
    172.24.64.249 (tcp/22)
    172.24.64.5 (tcp/3389)
    172.24.64.5 (tcp/5500)
    172.24.64.5 (tcp/5556)
    SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam) Acceso Remoto 172.24.64.35 (tcp/3389) Baja
    172.24.64.38 (tcp/3389)
    172.24.64.74 (tcp/3389)
    172.24.64.243 (tcp/3389)
    172.24.64.5 (tcp/5500)
    SSL/TLS EXPORT_DHE <= 512-bit Export Cipher Suites Supported (Logjam) Acceso Remoto Baja
    172.24.64.5 (tcp/5556)
    DHCP Server Detection Exposición de información 172.24.64.254 (udp/67) Baja
    Multiple Ethernet Driver Frame Padding Information Disclosure (Etherleak) Actualización de Seguridad 172.24.64.135 (icmp/0) Baja
    POP3 Cleartext Logins Permitted Acceso Remoto 172.24.64.249 (tcp/110) Baja
    SSL Anonymous Cipher Suites Supported Acceso Remoto 172.24.64.5 (tcp/5556) Baja

    Total de vulnerabilidades por severidad:

    SEVERIDAD CANTIDAD
    Crítica 10
    Alta 12
    Media 217
    Baja 68
    5. RECOMENDACIONES

    Se recomienda tomar acciones contra las vulnerabilidades encontradas, comenzando por las
    vulnerabilidades Críticas y Altas.

    El reporte de vulnerabilidades brinda datos de referencia sobre como tomar acciones contra todas
    las vulnerabilidades encontradas.

    Potrebbero piacerti anche