Scouting an Opponent's Server Using NMAP

Find4something | Nmap is a tool for network exploration, and it is one of the go-to tools often used by network administrators, pen-testers (IT developers who are paid to find holes in a network system) and attackers.
As its name says, the tool is a network explorer (Network Mapper, Network Exploration Tool). With Nmap you can probe an entire network and find out which services are active on specific ports. On top of that it adds fingerprinting (banner grabbing), which compares responses and gives an estimate of the target's operating system (OS). Nmap also has many options, or flags, that change how it (Nmap) scans: you can run a TCP connect() scan, which makes a full connection to the host, or a SYN scan, also known as (a.k.a.) a half connection (the half connection is hard to explain here), test a firewall or find out whether a firewall or packet filter is present, use Idle Scan (for a discussion of Idle Scan, wait for the next ezine… :d), which spoofs (hides your IP) through another host, or use a decoy (bait host), which makes your trace harder to track.
Nmap is compatible with the Linux/BSD family (*nix), but because I use the Windows XP3 operating system, I will show you how to use Nmap on Windows. Here I will give an example of using Nmap to see the operating system and the open ports of the website teknokrat.ac.id. If you do not have the software yet, you can download it at the very bottom of this post. To install it:
  • Download Nmap.
  • Extract it using WinZip.
  • Double-click nmap.exe and wait until the installation finishes.
  • Once that is done you can call it from cmd. To do so, press the Windows key + R to bring up the Run menu, then type cmd.
  • Go to the nmap folder by typing cd c:\nmap and pressing Enter; once inside, type the command below.
C:\nmap>nmap -v -A teknokrat.ac.id
Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-02 13:27 SE Asia Standard Tim
NSE: Loaded 57 scripts for scanning.
Initiating Ping Scan at 13:27
Scanning teknokrat.ac.id (116.213.48.124) [4 ports]
Completed Ping Scan at 13:27, 0.31s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 13:27
Completed Parallel DNS resolution of 1 host. at 13:28, 6.44s elapsed
Initiating SYN Stealth Scan at 13:28
Scanning teknokrat.ac.id (116.213.48.124) [1000 ports]
Discovered open port 443/tcp on 116.213.48.124
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
RTTVAR has grown to over 2.3 seconds, decreasing to 2.0
Increasing send delay for 116.213.48.124 from 0 to 5 due to max_successful_tryno increase to 4
Discovered open port 993/tcp on 116.213.48.124
SYN Stealth Scan Timing: About 3.03% done; ETC: 13:45 (0:16:31 remaining)
Discovered open port 995/tcp on 116.213.48.124
Increasing send delay for 116.213.48.124 from 5 to 10 due to max_successful_tryno increase to 5
Discovered open port 3306/tcp on 116.213.48.124
SYN Stealth Scan Timing: About 3.86% done; ETC: 13:54 (0:25:20 remaining)
Discovered open port 110/tcp on 116.213.48.124
Discovered open port 80/tcp on 116.213.48.124
SYN Stealth Scan Timing: About 4.96% done; ETC: 13:58 (0:29:05 remaining)
Increasing send delay for 116.213.48.124 from 10 to 20 due to max_successful_tryno increase to 6
Discovered open port 25/tcp on 116.213.48.124
Increasing send delay for 116.213.48.124 from 20 to 40 due to max_successful_tryno increase to 7
Increasing send delay for 116.213.48.124 from 40 to 80 due to max_successful_tryno increase to 8
Discovered open port 143/tcp on 116.213.48.124
SYN Stealth Scan Timing: About 5.84% done; ETC: 14:02 (0:32:31 remaining)
Increasing send delay for 116.213.48.124 from 80 to 160 due to 11 out of 18 dropped probes since last increase.
SYN Stealth Scan Timing: About 6.81% done; ETC: 14:05 (0:34:26 remaining)
Increasing send delay for 116.213.48.124 from 160 to 320 due to 11 out of 14 dropped probes since last increase.
Increasing send delay for 116.213.48.124 from 320 to 640 due to 11 out of 13 dropped probes since last increase.
Increasing send delay for 116.213.48.124 from 640 to 1000 due to max_successful_tryno increase to 9
SYN Stealth Scan Timing: About 12.17% done; ETC: 14:09 (0:36:33 remaining)
SYN Stealth Scan Timing: About 13.02% done; ETC: 14:12 (0:38:52 remaining)
SYN Stealth Scan Timing: About 13.20% done; ETC: 14:15 (0:41:32 remaining)
SYN Stealth Scan Timing: About 13.38% done; ETC: 14:19 (0:44:07 remaining)
SYN Stealth Scan Timing: About 13.59% done; ETC: 14:22 (0:46:50 remaining)
SYN Stealth Scan Timing: About 13.82% done; ETC: 14:25 (0:49:41 remaining)
SYN Stealth Scan Timing: About 14.05% done; ETC: 14:29 (0:52:42 remaining)
SYN Stealth Scan Timing: About 14.31% done; ETC: 14:33 (0:55:48 remaining)
SYN Stealth Scan Timing: About 14.61% done; ETC: 14:37 (0:59:08 remaining)
SYN Stealth Scan Timing: About 14.94% done; ETC: 14:41 (1:02:44 remaining)
SYN Stealth Scan Timing: About 15.31% done; ETC: 14:46 (1:06:29 remaining)
SYN Stealth Scan Timing: About 15.74% done; ETC: 14:51 (1:10:30 remaining)
^C
C:\nmap>nmap 192168.1.1
Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-02 13:41 SE Asia Standard Tim
Invalid target host specification: 192168.1.1
QUITTING!
C:\nmap>nmap 192.168.1.1
Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-02 13:42 SE Asia Standard Tim
Nmap scan report for 192.168.1.1
Host is up (0.0090s latency).
Not shown: 999 filtered ports
PORT   STATE SERVICE
53/tcp open  domain
Nmap done: 1 IP address (1 host up) scanned in 23.42 seconds
C:\nmap>nmap -p80 192.168.1
Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-02 13:47 SE Asia Standard Tim
Invalid target host specification: 192.168.1
QUITTING!
C:\nmap>nmap -v -A teknokrat.ac.id
Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-02 13:47 SE Asia Standard Tim
NSE: Loaded 57 scripts for scanning.
Initiating Ping Scan at 13:47
Scanning teknokrat.ac.id (118.97.147.155) [4 ports]
Completed Ping Scan at 13:47, 3.16s elapsed (1 total hosts)
Nmap scan report for teknokrat.ac.id (118.97.147.155) [host down]
Read data files from: C:\nmap
Note: Host seems down. If it is really up, but blocking our ping probes, try -P
Nmap done: 1 IP address (0 hosts up) scanned in 5.92 seconds
           Raw packets sent: 8 (304B) | Rcvd: 3 (180B)
C:\nmap>nmap -v -A http://www.teknokrat.ac.id
Starting Nmap 5.51 ( http://nmap.org ) at 2012-01-02 13:48 SE Asia Standard Tim
NSE: Loaded 57 scripts for scanning.
Initiating Ping Scan at 13:48
Scanning http://www.teknokrat.ac.id (118.97.147.155) [4 ports]
Completed Ping Scan at 13:48, 0.09s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 13:48
Completed Parallel DNS resolution of 1 host. at 13:48, 0.47s elapsed
Initiating SYN Stealth Scan at 13:48
Scanning http://www.teknokrat.ac.id (118.97.147.155) [1000 ports]
Discovered open port 3306/tcp on 118.97.147.155
Discovered open port 80/tcp on 118.97.147.155
Increasing send delay for 118.97.147.155 from 0 to 5 due to 11 out of 19 dropped probes since last increase.
Increasing send delay for 118.97.147.155 from 5 to 10 due to 11 out of 13 dropped probes since last increase.
Completed SYN Stealth Scan at 13:49, 40.72s elapsed (1000 total ports)
Initiating Service scan at 13:49
Scanning 2 services on http://www.teknokrat.ac.id (118.97.147.155)
Completed Service scan at 13:49, 5.00s elapsed (2 services on 1 host)
Initiating OS detection (try #1) against http://www.teknokrat.ac.id (118.97.147.155)
Initiating Traceroute at 13:49
Completed Traceroute at 13:49, 3.05s elapsed
Initiating Parallel DNS resolution of 4 hosts. at 13:49
Completed Parallel DNS resolution of 4 hosts. at 13:49, 5.92s elapsed
NSE: Script scanning 118.97.147.155.
Initiating NSE at 13:49
Completed NSE at 13:50, 30.11s elapsed
Nmap scan report for http://www.teknokrat.ac.id (118.97.147.155)
Host is up (0.0100s latency).
rDNS record for 118.97.147.155: 155.subnet118-97-147.static.astinet.telkom.net.id
Not shown: 996 filtered ports
PORT     STATE  SERVICE VERSION
25/tcp   closed smtp
80/tcp   open   http?
| http-robots.txt: 14 disallowed entries
| /administrator/ /cache/ /components/ /images/
| /includes/ /installation/ /language/ /libraries/ /media/
|_/modules/ /plugins/ /templates/ /tmp/ /xmlrpc/
|_http-title: Perguruan Tinggi Teknokrat
|_http-methods: No Allow or Public header in OPTIONS response (status code 200)
113/tcp  closed auth
3306/tcp open   mysql?
| mysql-info: Protocol: 10
| Version: 5.0.45
| Thread ID: 363
| Some Capabilities: Connect with DB, Compress, Transactions, Secure Connection
| Status: Autocommit
|_Salt: YLN&p&eP=#4z-og9%K.?
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.15 - 2.6.27, Linux 2.6.15 - 2.6.30, Linux 2.6.22, Linux 2.6.22 (Ubuntu, x86), Linux 2.6.27 (Ubuntu 8.10)
Network Distance: 5 hops
TRACEROUTE (using port 113/tcp)
HOP RTT      ADDRESS
1   16.00 ms 192.168.150.1
2   0.00 ms  192.168.140.1
3   16.00 ms travis.com (192.168.1.1)
4   …
5   16.00 ms 155.subnet118-97-147.static.astinet.telkom.net.id (118.97.147.155)
Read data files from: C:\nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 91.50 seconds
           Raw packets sent: 2083 (93.748KB) | Rcvd: 41 (2.324KB)
From the data above I found that the Teknokrat server's operating system is:
Running: Linux 2.6.X
OS details: Linux 2.6.15 - 2.6.27, Linux 2.6.15 - 2.6.30, Linux 2.6.22, Linux 2.6.22 (Ubuntu, x86), Linux 2.6.27 (Ubuntu 8.10)

The data above also shows several ports that should be closed but are still open, and that is what can lead to a server being infiltrated by a hacker or cracker… That is the knowledge I can share; everything written in this blog is for learning purposes only and not for committing crimes.
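The exposure review described above can be automated by the server's administrator. The following is an added example, not part of the original post: it parses the port table from the report above and compares it with a list of services meant to be public. The list `INTENDED_PUBLIC` and the function names are assumptions made for illustration.

```python
import re

# Port table copied from the scan report above (NSE script lines included).
REPORT = """\
Not shown: 996 filtered ports
PORT     STATE  SERVICE VERSION
25/tcp   closed smtp
80/tcp   open   http?
| http-robots.txt: 14 disallowed entries
|_http-title: Perguruan Tinggi Teknokrat
113/tcp  closed auth
3306/tcp open   mysql?
| mysql-info: Protocol: 10
| Version: 5.0.45
Device type: general purpose
"""

# Assumption: the only services this host is meant to offer publicly.
INTENDED_PUBLIC = {(80, "tcp"), (443, "tcp")}

# Matches table rows only; NSE lines start with "|" and are skipped.
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")

def parse_ports(report):
    """Return [(port, proto, state, service)] from Nmap normal output."""
    rows = []
    for line in report.splitlines():
        m = PORT_LINE.match(line)
        if m:
            # A trailing "?" means Nmap guessed the service from the port.
            rows.append((int(m.group(1)), m.group(2), m.group(3),
                         m.group(4).rstrip("?")))
    return rows

def audit(report, intended=INTENDED_PUBLIC):
    """Flag ports the scan reached that are not meant to be public."""
    findings = []
    for port, proto, state, service in parse_ports(report):
        if (port, proto) in intended:
            continue
        if state == "open":
            findings.append((port, proto, service,
                             "open: bind to localhost or block at the firewall"))
        elif state == "closed":
            # "closed" (not "filtered") means the packet filter let the probe in.
            findings.append((port, proto, service,
                             "closed but unfiltered: drop at the packet filter"))
    return findings

if __name__ == "__main__":
    for port, proto, service, note in audit(REPORT):
        print(f"{port}/{proto} {service}: {note}")
```

On this report the audit flags 3306/tcp (MySQL reachable from outside) and also 25/tcp and 113/tcp, which answer as closed rather than filtered and would be exposed as soon as something listened on them.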
