Post on 02-Feb-2020
qwertyuiopasdfghjklzxcvbnmq
wertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmqwer
tyuiopasdfghjklzxcvbnmqwerty
uiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopas
dfghjklzxcvbnmqwertyuiopasdf
ghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmqwertyuiopasdfghjkl
zxcvbnmqwertyuiopasdfghjklzx
cvbnmqwertyuiopasdfghjklzxcv
bnmqwertyuiopasdfghjklzxcvbn
mqwertyuiopasdfghjklzxcvbnm
qwertyuiopasdfghjklzxcvbnmq
wertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmrtyui
opasdfghjklzxcvbnmqwertyuiop
Seguridad y Alta Disponibilidad
Practica: Disponibilidad
Jesús García del Rio
PRACTICA NMAP
- Comando para conocer el estado de los puertos de nuestro equipo. nmap -sS –O <ip de nuestro equipo>
Ejemplo en nuestro caso sería en el cmd introducir la siguiente
línea:
nmap -sS –O 192.168.2.154
y nos mostraría el resultado de nuestros puertos,como se muestra en
la siguiente imagen:
- Comando para conocer el estado de los puertos que deseemos de los equipos de nuestra
red: nmap -sV -p <puertos> <rango de ips de los equipos>
En nuestro caso lo haríamos de la siguiente manera queriendo conocer
los puertos 20,21,80,110,143, y el rango de ips que queremos analizar
sería 192.168.2.140-200 saliendo como resultado lo que se muestra en
la siguiente pantalla , ejecutando el comando:
nmap -sV -p 20,21,80,110,143 192.168.2.140-200
- Comando para conocer los equipos que están conectados en nuestra red, el comando sería
el siguiente:
Nmap –sP <rango de ips>
En nuestro caso introduciríamos el comando de la siguiente manera queriendo analizar el
rango de ips 192.168.2.140-200, quedando el comando de la siguiente manera:
Nmap –sP 192.168.2.140-200
MICROSOFT BASELINE SECURITY
ANALYZER
¿PARA QUE SIRVE EL MICROSOFT BASELINE SECURITY ANALYZER?
Microsoft Baseline Security Analyzer (MBSA) es una herramienta fácil de usar
diseñada para los profesionales de TI que ayuda a las pequeñas y medianas
empresas a determinar su estado de seguridad según las recomendaciones de
seguridad de Microsoft y ofrece orientación de soluciones específicas. Mejore
el proceso de administración de seguridad utilizando MBSA para detectar los
errores más comunes de configuración de seguridad y actualizaciones de
seguridad que falten en sus sistemas informáticos.
Este programa nos lo podemos bajar desde la propia pagina de Microsoft
nosotros nos lo hemos descargado de ahí mismo.
http://technet.microsoft.com/es-es/security/cc184924
Una vez descargado lo ejecutamos y nos encontramos con la siguiente
pantalla. Y le damos a seleccionar a scan a computar solo queremos escanear
un ordenador si quisiéramos más seria scan multiple computers.
En la siguiente pantalla observamos que tenemos dos opciones, o poner el
nombre del equipo que queremos analizar o también se puede hacer poniendo
una ip de alguien equipo que este en nuestra misma red.
En esta pantalla podemos observar que empieza el escaneo de lo que hemos
seleccionado.
Una vez terminado el analisis nos sale en la pantalla que si queremos ver
todos los resultados y nos lo muestra en un recuadro poniendonos toda la
información.,(no pongo pantallazo porque copio todo la informacion que
me
pone).
Security assessment:
Severe Risk (One or more critical checks failed.)
Computer name: WORKGROUP\ALUMNO03-PC
IP address: 192.168.2.154
Security report
name:
WORKGROUP - ALUMNO03-PC (13-10-2011 11-19)
Scan date: 13/10/2011 11:19
Catalog
synchronization
date:
Security update
catalog:
Microsoft Update
Security Updates
Score Issue Result
Office Security Updates
1 service packs or update rollups are missing.
Update Rollups and Service Packs
Score ID Description
Missing 2510690 Service Pack 1 for Microsoft Office
2010 (KB2510690) 32-bit Edition
Current Update Compliance
Score ID Description Maximum
Severity
Installed MS11-022 Security Update for
Microsoft PowerPoint
2010 (KB2519975), 32-
Bit Edition
Important
Installed MS11-072 Security Update for
Microsoft Office 2010
(KB2553091), 32-Bit
Edition
Important
Installed MS10-103 Security Update for Important
Microsoft Publisher 2010
(KB2409055), 32-Bit
Edition
Installed MS11-072 Security Update for
Microsoft Office 2010
(KB2553096), 32-Bit
Edition
Important
Installed MS11-074 Security Update for
Microsoft SharePoint
Workspace 2010
(KB2566445), 32-Bit
Edition
Important
Installed MS10-105 Security Update for
Microsoft Office 2010
(KB2289078), 32-Bit
Edition
Important
Installed MS11-073 Security Update for
Microsoft Office 2010
(KB2584066), 32-Bit
Edition
Important
Installed MS11-072 Security Update for
Microsoft Excel 2010
(KB2553070), 32-Bit
Edition
Important
Installed MS10-079 Security Update for
Microsoft Word 2010
(KB2345000), 32-Bit
Edition
Important
Installed MS11-049 Security Update for
Microsoft InfoPath 2010
(KB2510065), 32-Bit
Edition
Important
Windows
Security
Updates
1 service packs or update rollups are missing.
Update Rollups and Service Packs
Score ID Description
Missing 976932 Windows 7 Service Pack 1 for x64-
based Systems (KB976932)
Current Update Compliance
Score ID Description Maximum
Severity
Installed MS11-068 Security Update for
Windows 7 for x64-based
Systems (KB2556532)
Moderate
Installed MS11-002 Security Update for Critical
Windows 7 for x64-based
Systems (KB2419640)
Installed MS11-075 Security Update for
Windows 7 for x64-based
Systems (KB2564958)
Important
Installed MS11-019 Security Update for
Windows 7 for x64-based
Systems (KB2511455)
Critical
Installed MS10-100 Security Update for
Windows 7 for x64-based
Systems (KB2442962)
Important
Installed MS11-037 Security Update for
Windows 7 for x64-based
Systems (KB2544893)
Important
Installed MS11-024 Security Update for
Windows 7 for x64-based
Systems (KB2491683)
Important
Installed MS10-082 Security Update for
Windows 7 for x64-based
Systems (KB2378111)
Important
Installed MS11-064 Security Update for
Windows 7 for x64-based
Systems (KB2563894)
Moderate
Installed MS11-017 Security Update for
Windows 7 for x64-based
Systems (KB2483614)
Important
Installed MS11-053 Security Update for
Windows 7 for x64-based
Systems (KB2532531)
Critical
Installed MS11-063 Security Update for
Windows 7 for x64-based
Systems (KB2567680)
Important
Installed MS09-056 Security Update for
Windows 7 for x64-based
Systems (KB974571)
Important
Installed MS10-074 Security Update for
Windows 7 for x64-based
Systems (KB2387149)
Moderate
Installed 980408 Update for Windows 7 for
x64-based Systems
(KB980408)
Installed MS10-051 Security Update for
Windows 7 for x64-based
Systems (KB2079403)
Critical
Installed MS10-096 Security Update for Important
Windows 7 for x64-based
Systems (KB2423089)
Installed MS11-011 Security Update for
Windows 7 for x64-based
Systems (KB2393802)
Important
Installed MS11-076 Security Update for
Windows 7 for x64-based
Systems (KB2579686)
Important
Installed MS11-081 Cumulative Security
Update for Internet
Explorer 9 for Windows 7
for x64-based Systems
(KB2586448)
Critical
Installed MS11-048 Security Update for
Windows 7 for x64-based
Systems (KB2536275)
Important
Installed MS10-013 Security Update for
Windows 7 for x64-based
Systems (KB975560)
Critical
Installed MS10-075 Security Update for
Windows 7 for x64-based
Systems (KB2281679)
Critical
Installed MS11-069 Security Update for
Microsoft .NET
Framework 3.5.1 on
Windows 7 and Windows
Server 2008 R2 for x64-
based Systems
(KB2539634)
Moderate
Installed MS10-070 Security Update for
Microsoft .NET
Framework 3.5.1,
Windows 7, and Windows
Server 2008 R2 for x64-
based Systems
(KB2416471)
Important
Installed MS11-030 Security Update for
Windows 7 for x64-based
Systems (KB2509553)
Critical
Installed MS11-044 Security Update for .NET
Framework 3.5.1 on
Windows 7 and Windows
Server 2008 R2 for x64-
based Systems
(KB2518867)
Critical
Installed MS10-055 Security Update for Critical
Windows 7 for x64-based
Systems (KB982665)
Installed MS10-095 Security Update for
Windows 7 for x64-based
Systems (KB2385678)
Important
Installed MS11-032 Security Update for
Windows 7 for x64-based
Systems (KB2507618)
Critical
Installed MS10-061 Security Update for
Windows 7 for x64-based
Systems (KB2347290)
Important
Installed MS10-059 Security Update for
Windows 7 for x64-based
Systems (KB982799)
Important
Installed MS11-024 Security Update for
Windows 7 for x64-based
Systems (KB2506212)
Important
Installed 977074 Update for Windows 7 for
x64-based Systems
(KB977074)
Installed MS10-081 Security Update for
Windows 7 for x64-based
Systems (KB2296011)
Important
Installed MS10-085 Security Update for
Windows 7 for x64-based
Systems (KB2207566)
Important
Installed 2562937 Update Rollup for
ActiveX Killbits for
Windows 7 for x64-based
Systems (KB2562937)
Installed MS11-071 Security Update for
Windows 7 for x64-based
Systems (KB2570947)
Important
Installed MS11-027 Cumulative Security
Update for ActiveX
Killbits for Windows 7 for
x64-based Systems
(KB2508272)
Critical
Installed MS11-077 Security Update for
Windows 7 for x64-based
Systems (KB2567053)
Important
Installed MS10-041 Microsoft .NET
Framework 3.5 SP1
Security Update for
Windows 7 and Windows
Server 2008 R2 for x64-
Important
based Systems
(KB979916)
Installed MS10-001 Security Update for
Windows 7 for x64-based
Systems (KB972270)
Low
Installed MS10-030 Security Update for
Windows 7 for x64-based
Systems (KB978542)
Important
Installed MS10-046 Security Update for
Windows 7 for x64-based
Systems (KB2286198)
Critical
Installed MS09-059 Security Update for
Windows 7 for x64-based
Systems (KB975467)
Important
Installed 974431 Update for Windows 7 for
x64-based Systems
(KB974431)
Installed MS11-046 Security Update for
Windows 7 for x64-based
Systems (KB2503665)
Important
Installed 890830 Windows Malicious
Software Removal Tool
x64 - October 2011
(KB890830)
Installed MS11-043 Security Update for
Windows 7 for x64-based
Systems (KB2536276)
Critical
Installed MS10-083 Security Update for
Windows 7 for x64-based
Systems (KB979688)
Important
Installed MS10-092 Security Update for
Windows 7 for x64-based
Systems (KB2305420)
Important
Installed MS10-083 Security Update for
Windows 7 for x64-based
Systems (KB979687)
Important
Installed MS10-076 Security Update for
Windows 7 for x64-based
Systems (KB982132)
Critical
Installed MS11-015 Security Update for
Windows 7 for x64-based
Systems (KB2479943)
Critical
Installed 982861 Windows Internet
Explorer 9 for Windows 7
for x64-based Systems
Installed MS11-042 Security Update for
Windows 7 for x64-based
Systems (KB2535512)
Important
Installed MS10-033 Security Update for
Windows 7 for x64-based
Systems (KB979482)
Critical
Installed MS11-059 Security Update for
Windows 7 for x64-based
Systems (KB2560656)
Important
Installed MS11-078 Security Update for
Microsoft .NET
Framework 3.5.1 on
Windows 7 and Windows
Server 2008 R2 for x64-
based Systems
(KB2572076)
Critical
Installed MS11-013 Security Update for
Windows 7 for x64-based
Systems (KB2425227)
Important
Installed 2570791 Update for Windows 7 for
x64-based Systems
(KB2570791)
Installed MS10-019 Security Update for
Windows 7 for x64-based
Systems (KB979309)
Critical
Installed MS10-019 Security Update for
Windows 7 for x64-based
Systems (KB978601)
Critical
Developer
Tools,
Runtimes, and
Redistributables
Security Updates
No security updates are missing.
Current Update Compliance
Score ID Description Maximum
Severity
Installed MS11-025 Security Update for
Microsoft Visual C++
2008 Service Pack 1
Redistributable Package
(KB2538243)
Important
SQL Server
Security
Updates
No security updates are missing.
Current Update Compliance
Score ID Description Maximum
Severity
Installed MS06-061 MSXML 6.0 RTM
Security Update (925673)
Critical
Silverlight
Security Updates
No security updates are missing.
Current Update Compliance
Score ID Description Maximum
Severity
Installed MS11-078 Security Update for
Microsoft Silverlight
(KB2617986)
Critical
Windows Scan Results
Administrative Vulnerabilities
Score
Issue Result
Windows Firewall
Windows Firewall tests cannot be done due to an error.
(0x00000001)
Local
Account
Password
Test
Some user accounts (3 of 5) have blank or simple passwords, or
could not be analyzed.
User Weak
Password
Locked
Out
Disabled
Administrador Weak - Disabled
Invitado Weak - Disabled
jesus Weak - -
HomeGroupUse
r$
- - -
__vmware_user
__
- - -
Password
Expiration
Some user accounts (4 of 5) have non-expiring passwords.
User
Administrador
HomeGroupUser$
Invitado
jesus
Incomplete Updates No incomplete software update installations were found.
File System All hard drives (1) are using the NTFS file system.
Drive Letter File System
C: NTFS
Guest
Account The Guest account is disabled on this computer.
Autologon Autologon is not configured on this computer.
Restrict
Anonymous Computer is properly restricting anonymous access.
Administrato
rs
No more than 2 Administrators were found on this computer.
User
Administrador
jesus
Automatic Updates
Updates are automatically downloaded and installed on this
computer.
Additional System Information
Score
Issue Result
Windo
ws Version
Computer is running Microsoft Windows 7.
Auditin
g
Neither Logon Success nor Logon Failure auditing are enabled. Enable
auditing and turn on auditing for specific events such as logon and
logoff. Be sure to monitor your event log to watch for unauthorized
access.
Shares
3 share(s) are present on your computer.
Share Directory Share ACL Directory ACL
ADMIN
$
C:\Windo
ws
Admin Share NT
SERVICE\TrustedInsta
ller - F, NT
AUTHORITY\SYSTE
M - RWXD,
BUILTIN\Administrad
ores - RWXD,
BUILTIN\Usuarios -
RX
C$ C:\ Admin Share BUILTIN\Administrad
ores - F, NT
AUTHORITY\SYSTE
M - F,
BUILTIN\Usuarios -
RX, NT
AUTHORITY\Usuario
s autentificados - D
Users C:\Users Administrador
es - F, Todos -
F
NT
AUTHORITY\SYSTE
M - F,
BUILTIN\Administrad
ores - F,
BUILTIN\Usuarios -
RX, Todos - RX
Service
s No potentially unnecessary services were found.
Internet Information Services (IIS) Scan Results Score Issue Result
IIS Status IIS is not running on this computer.
SQL Server Scan Results Score Issue Result
SQL
Server/MSDE Status
SQL Server and/or MSDE is not installed on this computer.
Desktop Application Scan Results
Administrative Vulnerabilities
Score Issue Result
IE Zones Internet Explorer zones have secure settings for all users.
Macro
Security No supported Microsoft Office products are installed.