{"id":367,"date":"2020-09-17T05:13:31","date_gmt":"2020-09-17T05:13:31","guid":{"rendered":"http:\/\/dsantana.uas.edu.mx\/?p=367"},"modified":"2021-07-13T03:16:52","modified_gmt":"2021-07-13T03:16:52","slug":"comandos-principales-de-nmap-para-escanear-hosts-remotos","status":"publish","type":"post","link":"https:\/\/dsantana.uas.edu.mx\/index.php\/2020\/09\/17\/comandos-principales-de-nmap-para-escanear-hosts-remotos\/","title":{"rendered":"Comandos Principales de Nmap para escanear hosts remotos"},"content":{"rendered":"\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/i1.wp.com\/www.pcihispano.com\/contenido\/uploads\/2018\/08\/nmap-logo-256x256.png?fit=256%2C256&amp;ssl=1\" alt=\"\"\/><\/figure><\/div>\n\n\n\n<p>Nmap&nbsp;es uno de los mapeadores de redes m\u00e1s populares del mundo de la seguridad de la informaci\u00f3n.&nbsp;Tanto los profesionales de la ciberseguridad como los novatos lo utilizan para auditar y descubrir puertos abiertos locales y remotos, as\u00ed como hosts e informaci\u00f3n de red.<\/p>\n\n\n\n<p>Algunas de las mejores caracter\u00edsticas de esta herramienta son que es de c\u00f3digo abierto, gratuito, multiplataforma y recibe actualizaciones constantes cada a\u00f1o.&nbsp;Tambi\u00e9n tiene una gran ventaja: es uno de los esc\u00e1neres de red y de host m\u00e1s completos disponibles.&nbsp;Incluye un amplio conjunto de opciones para mejorar sus tareas de escaneo y mapeo, y trae consigo una comunidad incre\u00edble y documentaci\u00f3n completa para ayudarlo a comprender esta herramienta desde el principio.&nbsp;Nmap se puede utilizar para:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Cree un mapa completo de la red inform\u00e1tica.<\/li><li>Encuentre direcciones IP remotas de cualquier host.<\/li><li>Obtenga el sistema operativo y los detalles del software.<\/li><li>Detecta&nbsp;puertos abiertos&nbsp;en sistemas locales y remotos.<\/li><li>Auditar los est\u00e1ndares de seguridad del servidor.<\/li><li>Encuentre vulnerabilidades en hosts remotos y locales.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"best-15-nmap-command-examples\">15 ejemplos de comandos de Nmap<\/h2>\n\n\n\n<p>Conozcamos algunos an\u00e1lisis \u00fatiles basados \u200b\u200ben la l\u00ednea de comandos que se pueden realizar con Nmap.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"one-basic-nmap-scan-against-ip-or-host\"><strong>1. Escaneo b\u00e1sico de Nmap contra IP o host<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap 1.1.1.1<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_11_59_19.png\" alt=\"\" class=\"wp-image-389\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_11_59_19.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_11_59_19-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_11_59_19-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_11_59_19-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Ahora, si desea escanear un nombre de host, simplemente reemplace la IP del host, como puede ver a continuaci\u00f3n:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap cuc.edu.co<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_00_12.png\" alt=\"\" class=\"wp-image-390\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_00_12.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_00_12-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_00_12-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_00_12-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Este tipo de escaneos b\u00e1sicos son perfectos para sus primeros pasos al comenzar con Nmap.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"two-scan-specific-ports-or-scan-entire-port-ranges-on-a-local-or-remote-server\"><strong>2. Escanee puertos espec\u00edficos o escanee rangos de puertos completos en un servidor local o remoto<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -p 1-65535 localhost<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_00_45.png\" alt=\"\" class=\"wp-image-391\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_00_45.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_00_45-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_00_45-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_00_45-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>En este ejemplo, escaneamos todos los puertos 65535 para nuestra computadora localhost.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_06_55.png\" alt=\"\" class=\"wp-image-392\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_06_55.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_06_55-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_06_55-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_06_55-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Nmap puede escanear todos los puertos posibles, pero tambi\u00e9n puede escanear puertos espec\u00edficos, que reportar\u00e1n resultados m\u00e1s r\u00e1pidos.&nbsp;Vea abajo:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -p 80,443 8.8.8.8<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_08_01.png\" alt=\"\" class=\"wp-image-393\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_08_01.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_08_01-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_08_01-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_08_01-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"three-scan-multiple-ip-addresses\"><strong>3. Escanee varias direcciones IP<\/strong><\/h3>\n\n\n\n<p>Intentemos escanear varias direcciones IP.&nbsp;Para ello, necesita utilizar esta sintaxis:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -p 80,443 8.8.8.8<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_08_01-1.png\" alt=\"\" class=\"wp-image-394\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_08_01-1.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_08_01-1-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_08_01-1-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_08_01-1-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Tambi\u00e9n puede escanear direcciones IP consecutivas:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap 1.1.1.1,2,3,4<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_14_06.png\" alt=\"\" class=\"wp-image-395\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_14_06.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_14_06-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_14_06-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_14_06-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Esto va a escanear&nbsp;<code>1.1.1.1<\/code>,&nbsp;<code>1.1.1.2<\/code>,&nbsp;<code>1.1.1.3 <\/code>y&nbsp;<code>1.1.1.4<\/code>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"four-scan-ip-ranges\"><strong>4. Escanear rangos de IP<\/strong><\/h3>\n\n\n\n<p>Tambi\u00e9n puede usar Nmap para escanear rangos de IP CIDR completos, por ejemplo:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap 8.8.8.0\/28<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_15_33.png\" alt=\"\" class=\"wp-image-396\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_15_33.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_15_33-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_15_33-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_15_33-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Esto escanear\u00e1 14 rangos de IP consecutivos, desde&nbsp;<code>8.8.8.1<\/code> hasta&nbsp;<code>8.8.8.14<\/code>.<\/p>\n\n\n\n<p>Una alternativa es simplemente usar este tipo de rango:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap 8.8.8.1-14<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_16_20.png\" alt=\"\" class=\"wp-image-397\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_16_20.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_16_20-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_16_20-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_16_20-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Incluso puede usar comodines para escanear todo el rango de IP de clase C, por ejemplo:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap 8.8.8.*<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_18_45.png\" alt=\"\" class=\"wp-image-399\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_18_45.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_18_45-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_18_45-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_18_45-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Esto escanear\u00e1 256 direcciones IP desde&nbsp;<code>8.8.8.1<\/code> hasta&nbsp;<code>8.8.8.256<\/code>.<\/p>\n\n\n\n<p>Si alguna vez necesita excluir ciertas IP del escaneo de rango de IP, puede usar la opci\u00f3n \u00ab&#8211;exclude\u00bb, como puede ver a continuaci\u00f3n:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -p 8.8.8.* --exclude 8.8.8.1<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_22_53.png\" alt=\"\" class=\"wp-image-401\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_22_53.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_22_53-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_22_53-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_22_53-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"five-scan-the-most-popular-ports\"><strong>5. Escanee los puertos m\u00e1s populares<\/strong><\/h3>\n\n\n\n<p>El uso del par\u00e1metro \u00ab\u2013top-ports\u00bb junto con un n\u00famero espec\u00edfico le permite escanear los X puertos m\u00e1s comunes para ese host, como podemos ver:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap --top-ports 20 cuc.edu.co<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_26_55.png\" alt=\"\" class=\"wp-image-402\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_26_55.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_26_55-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_26_55-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_26_55-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Reemplace \u00ab20\u00bb con el n\u00famero deseado.&nbsp;Ejemplo de salida:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@dsantana:~]nmap --top-ports 20 localhost\nStarting Nmap 6.40 ( http:\/\/nmap.org ) at 2018-10-01 10:02 EDT\nNmap scan report for localhost (127.0.0.1)\nHost is up (0.000016s latency).\nOther addresses for localhost (not scanned): 127.0.0.1\nPORT     STATE    SERVICE\n21\/tcp   closed   ftp\n22\/tcp   closed   ssh\n23\/tcp   closed   telnet\n25\/tcp   closed   smtp\n53\/tcp   closed   domain\n80\/tcp   filtered http\n110\/tcp  closed   pop3\n111\/tcp  closed   rpcbind\n135\/tcp  closed   msrpc\n139\/tcp  closed   netbios-ssn\n143\/tcp  closed   imap\n443\/tcp  filtered https\n445\/tcp  closed   microsoft-ds\n993\/tcp  closed   imaps\n995\/tcp  closed   pop3s\n1723\/tcp closed   pptp\n3306\/tcp closed   mysql\n3389\/tcp closed   ms-wbt-server\n5900\/tcp closed   vnc\n8080\/tcp closed   http-proxy<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_28_01.png\" alt=\"\" class=\"wp-image-403\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_28_01.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_28_01-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_28_01-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_28_01-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"six-scan-hosts-and-ip-addresses-reading-from-a-text-file\"><strong>6. Escanee los hosts y las direcciones IP que se leen desde un archivo de texto<\/strong><\/h3>\n\n\n\n<p>En este caso, Nmap tambi\u00e9n es \u00fatil para leer archivos que contienen hosts e IP en su interior.<\/p>\n\n\n\n<p>Supongamos que crea un archivo lista.txt que contiene estas l\u00edneas dentro:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>192.168.1.106\ncuc.edu.co\ndsantana.uas.edu.mx\nmicrosoft.com<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_34_01.png\" alt=\"\" class=\"wp-image-409\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_34_01.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_34_01-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_34_01-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_34_01-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>El par\u00e1metro \u00ab-iL\u00bb le permite leer de ese archivo y escanear todos esos hosts por usted:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -iL lista.txt<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_33_07.png\" alt=\"\" class=\"wp-image-408\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_33_07.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_33_07-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_33_07-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_33_07-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"seven-save-your-nmap-scan-results-to-a-file\"><strong>7. Guarde los resultados del escaneo de Nmap en un archivo<\/strong><\/h3>\n\n\n\n<p>Por otro lado, en el siguiente ejemplo no estaremos leyendo de un archivo, sino exportando \/ guardando nuestros resultados en un archivo de texto:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -oN output.txt cuc.edu.co<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_35_58.png\" alt=\"\" class=\"wp-image-410\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_35_58.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_35_58-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_35_58-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_35_58-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_36_28.png\" alt=\"\" class=\"wp-image-411\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_36_28.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_36_28-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_36_28-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_36_28-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Nmap tambi\u00e9n tiene la capacidad de exportar archivos en formato XML, vea el siguiente ejemplo:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -oX output.xml cuc.edu.co<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_37_50.png\" alt=\"\" class=\"wp-image-412\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_37_50.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_37_50-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_37_50-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_37_50-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_38_10.png\" alt=\"\" class=\"wp-image-413\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_38_10.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_38_10-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_38_10-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_38_10-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"eight-disabling-dns-name-resolution\"><strong>8. Desactivaci\u00f3n de la resoluci\u00f3n de nombres DNS<\/strong><\/h3>\n\n\n\n<p>Si necesita acelerar un poco sus escaneos, siempre puede optar por desactivar la resoluci\u00f3n DNS inversa para todos sus escaneos.&nbsp;Simplemente agregue el par\u00e1metro \u00ab-n\u00bb.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@dsantana:~]nmap -p 80 -n 8.8.8.8\nStarting Nmap 7.60 ( https:\/\/nmap.org ) at 2018-10-01 09:15 -03\nNmap scan report for 8.8.8.8\nHost is up (0.014s latency).\nPORT   STATE    SERVICE\n80\/tcp filtered http<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_47_28.png\" alt=\"\" class=\"wp-image-415\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_47_28.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_47_28-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_47_28-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_47_28-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Vea la diferencia con un escaneo normal habilitado con resoluci\u00f3n DNS:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@dsantana:~]nmap -p 80 8.8.8.8\nStarting Nmap 7.60 ( https:\/\/nmap.org ) at 2018-10-01 09:15 -03\nNmap scan report for google-public-dns-a.google.com (8.8.8.8)\nHost is up (0.014s latency).\nPORT   STATE    SERVICE\n80\/tcp filtered http<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_48_29.png\" alt=\"\" class=\"wp-image-416\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_48_29.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_48_29-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_48_29-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_48_29-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"nine-scan-os-and-service-detection-with-fast-execution\"><strong>9. Scan + OS y detecci\u00f3n de servicios con ejecuci\u00f3n r\u00e1pida<\/strong><\/h3>\n\n\n\n<p>El uso del par\u00e1metro \u00ab-A\u00bb le permite realizar la detecci\u00f3n del sistema operativo y del servicio, y al mismo tiempo lo combinamos con \u00ab-T4\u00bb para una ejecuci\u00f3n m\u00e1s r\u00e1pida.&nbsp;Vea el ejemplo a continuaci\u00f3n:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -A -T4 cuc.edu.co<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_54_07.png\" alt=\"\" class=\"wp-image-418\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_54_07.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_54_07-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_54_07-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_12_54_07-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Este es el resultado que obtuvimos para esta prueba:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Nmap 7.80 scan initiated Thu Sep 17 18:18:25 2020 as: nmap -A -T4 -oN cuc.edu.co.txt cuc.edu.co\nNmap scan report for cuc.edu.co (104.27.143.174)\nHost is up (0.067s latency).\nOther addresses for cuc.edu.co (not scanned): 2606:4700:3036::ac43:b513 2606:4700:3033::681b:8fae 2606:4700:3030::681b:8eae 172.67.181.19 104.27.142.174\nNot shown: 996 filtered ports\nPORT     STATE SERVICE       VERSION\n80\/tcp   open  http          cloudflare\n| fingerprint-strings: \n|   FourOhFourRequest: \n|     HTTP\/1.1 400 Bad Request\n|     Date: Thu, 17 Sep 2020 18:57:16 GMT\n|     Content-Type: text\/html\n|     Content-Length: 155\n|     Connection: close\n|     Server: cloudflare\n|     CF-RAY: 5d450d4d6ccde3c2-ATL\n|     cf-request-id: 053f06a4630000e3c276854200000001\n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   GetRequest: \n|     HTTP\/1.1 400 Bad Request\n|     Date: Thu, 17 Sep 2020 18:57:15 GMT\n|     Content-Type: text\/html\n|     Content-Length: 155\n|     Connection: close\n|     Server: cloudflare\n|     CF-RAY: 5d450d49ebb4b9f8-ATL\n|     cf-request-id: 053f06a22e0000b9f8f10c7200000001\n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   HTTPOptions: \n|     HTTP\/1.1 400 Bad Request\n|     Date: Thu, 17 Sep 2020 18:57:15 GMT\n|     Content-Type: text\/html\n|     Content-Length: 155\n|     Connection: close\n|     Server: cloudflare\n|     CF-RAY: 5d450d4acb8cf1b6-ATL\n|     cf-request-id: 053f06a2bc0000f1b624b48200000001\n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   RTSPRequest: \n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   X11Probe: \n|     HTTP\/1.1 400 Bad Request\n|     Server: cloudflare\n|     Date: Thu, 17 Sep 2020 18:57:16 GMT\n|     Content-Type: text\/html\n|     Content-Length: 155\n|     Connection: close\n|     CF-RAY: -\n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|_    &lt;\/html>\n| http-robots.txt: 23 disallowed entries (15 shown)\n| \/joomla\/administrator\/ \/administrator\/ \/cache\/ \/cli\/ \n| \/components\/ \/images\/ \/includes\/ \/installation\/ \/language\/ \n|_\/libraries\/ \/logs\/ \/media\/ \/modules\/ \/plugins\/ \/templates\/\n|_http-server-header: cloudflare\n|_http-title: Did not follow redirect to https:\/\/cuc.edu.co\/\n443\/tcp  open  ssl\/https     cloudflare\n| fingerprint-strings: \n|   FourOhFourRequest: \n|     HTTP\/1.1 403 Forbidden\n|     Server: cloudflare\n|     Date: Thu, 17 Sep 2020 18:57:22 GMT\n|     Content-Type: text\/html\n|     Content-Length: 151\n|     Connection: close\n|     CF-RAY: 5d450d74a8e907c2-ATL\n|     cf-request-id: 053f06bce9000007c2133b7200000001\n|     &lt;html>\n|     &lt;head>&lt;title>403 Forbidden&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>403 Forbidden&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   GetRequest: \n|     HTTP\/1.1 403 Forbidden\n|     Server: cloudflare\n|     Date: Thu, 17 Sep 2020 18:57:22 GMT\n|     Content-Type: text\/html\n|     Content-Length: 151\n|     Connection: close\n|     CF-RAY: 5d450d70ebdee4d8-ATL\n|     cf-request-id: 053f06ba8f0000e4d8a2b05200000001\n|     &lt;html>\n|     &lt;head>&lt;title>403 Forbidden&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>403 Forbidden&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   HTTPOptions: \n|     HTTP\/1.1 403 Forbidden\n|     Server: cloudflare\n|     Date: Thu, 17 Sep 2020 18:57:22 GMT\n|     Content-Type: text\/html\n|     Content-Length: 151\n|     Connection: close\n|     CF-RAY: 5d450d72eb59f345-ATL\n|     cf-request-id: 053f06bbcc0000f34583321200000001\n|     &lt;html>\n|     &lt;head>&lt;title>403 Forbidden&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>403 Forbidden&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   RTSPRequest: \n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   tor-versions: \n|     HTTP\/1.1 400 Bad Request\n|     Server: cloudflare\n|     Date: Thu, 17 Sep 2020 18:57:22 GMT\n|     Content-Type: text\/html\n|     Content-Length: 155\n|     Connection: close\n|     CF-RAY: -\n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|_    &lt;\/html>\n| http-robots.txt: 23 disallowed entries (15 shown)\n| \/joomla\/administrator\/ \/administrator\/ \/cache\/ \/cli\/ \n| \/components\/ \/images\/ \/includes\/ \/installation\/ \/language\/ \n|_\/libraries\/ \/logs\/ \/media\/ \/modules\/ \/plugins\/ \/templates\/\n|_http-server-header: cloudflare\n|_http-title: Universidad de la Costa CUC\n| ssl-cert: Subject: commonName=cuc.edu.co\/organizationName=Cloudflare, Inc.\/stateOrProvinceName=CA\/countryName=US\n| Subject Alternative Name: DNS:*.cuc.edu.co, DNS:cuc.edu.co\n| Not valid before: 2020-07-02T00:00:00\n|_Not valid after:  2021-07-02T12:00:00\n8080\/tcp open  http-proxy    cloudflare\n| fingerprint-strings: \n|   FourOhFourRequest: \n|     HTTP\/1.1 400 Bad Request\n|     Date: Thu, 17 Sep 2020 18:57:16 GMT\n|     Content-Type: text\/html\n|     Content-Length: 155\n|     Connection: close\n|     Server: cloudflare\n|     CF-RAY: 5d450d4cae9c180f-ATL\n|     cf-request-id: 053f06a3e80000180f5b1e1200000001\n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   GetRequest: \n|     HTTP\/1.1 400 Bad Request\n|     Date: Thu, 17 Sep 2020 18:57:15 GMT\n|     Content-Type: text\/html\n|     Content-Length: 155\n|     Connection: close\n|     Server: cloudflare\n|     CF-RAY: 5d450d49e88a187b-ATL\n|     cf-request-id: 053f06a22d0000187b50a68200000001\n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   HTTPOptions: \n|     HTTP\/1.1 400 Bad Request\n|     Date: Thu, 17 Sep 2020 18:57:15 GMT\n|     Content-Type: text\/html\n|     Content-Length: 155\n|     Connection: close\n|     Server: cloudflare\n|     CF-RAY: 5d450d4aefeb07ba-ATL\n|     cf-request-id: 053f06a2cf000007ba6c1fa200000001\n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   RTSPRequest: \n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   Socks5: \n|     HTTP\/1.1 400 Bad Request\n|     Server: cloudflare\n|     Date: Thu, 17 Sep 2020 18:57:16 GMT\n|     Content-Type: text\/html\n|     Content-Length: 155\n|     Connection: close\n|     CF-RAY: -\n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|_    &lt;\/html>\n|_http-server-header: cloudflare\n8443\/tcp open  ssl\/https-alt cloudflare\n| fingerprint-strings: \n|   FourOhFourRequest: \n|     HTTP\/1.1 403 Forbidden\n|     Server: cloudflare\n|     Date: Thu, 17 Sep 2020 18:57:22 GMT\n|     Content-Type: text\/html\n|     Content-Length: 151\n|     Connection: close\n|     CF-RAY: 5d450d745988ecdb-ATL\n|     cf-request-id: 053f06bcbb0000ecdb0f897200000001\n|     &lt;html>\n|     &lt;head>&lt;title>403 Forbidden&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>403 Forbidden&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   GetRequest: \n|     HTTP\/1.1 403 Forbidden\n|     Server: cloudflare\n|     Date: Thu, 17 Sep 2020 18:57:22 GMT\n|     Content-Type: text\/html\n|     Content-Length: 151\n|     Connection: close\n|     CF-RAY: 5d450d70e905ec11-ATL\n|     cf-request-id: 053f06ba8e0000ec118110e200000001\n|     &lt;html>\n|     &lt;head>&lt;title>403 Forbidden&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>403 Forbidden&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   HTTPOptions: \n|     HTTP\/1.1 403 Forbidden\n|     Server: cloudflare\n|     Date: Thu, 17 Sep 2020 18:57:22 GMT\n|     Content-Type: text\/html\n|     Content-Length: 151\n|     Connection: close\n|     CF-RAY: 5d450d729cebec29-ATL\n|     cf-request-id: 053f06bba30000ec29e5865200000001\n|     &lt;html>\n|     &lt;head>&lt;title>403 Forbidden&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>403 Forbidden&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   RPCCheck: \n|     HTTP\/1.1 400 Bad Request\n|     Server: cloudflare\n|     Date: Thu, 17 Sep 2020 18:57:28 GMT\n|     Content-Type: text\/html\n|     Content-Length: 155\n|     Connection: close\n|     CF-RAY: -\n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|     &lt;\/html>\n|   RTSPRequest: \n|     &lt;html>\n|     &lt;head>&lt;title>400 Bad Request&lt;\/title>&lt;\/head>\n|     &lt;body>\n|     &lt;center>&lt;h1>400 Bad Request&lt;\/h1>&lt;\/center>\n|     &lt;hr>&lt;center>cloudflare&lt;\/center>\n|     &lt;\/body>\n|_    &lt;\/html>\n|_http-server-header: cloudflare\n|_http-title: 400 The plain HTTP request was sent to HTTPS port\n| ssl-cert: Subject: commonName=cuc.edu.co\/organizationName=Cloudflare, Inc.\/stateOrProvinceName=CA\/countryName=US\n| Subject Alternative Name: DNS:*.cuc.edu.co, DNS:cuc.edu.co\n| Not valid before: 2020-07-02T00:00:00\n|_Not valid after:  2021-07-02T12:00:00\n4 services unrecognized despite returning data. If you know the service\/version, please submit the following fingerprints at https:\/\/nmap.org\/cgi-bin\/submit.cgi?new-service :\n==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============\nSF-Port80-TCP:V=7.80%I=7%D=9\/17%Time=5F63A87F%P=x86_64-pc-linux-gnu%r(GetR\nSF:equest,180,\"HTTP\/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nDate:\\x20Thu,\\x2017\\x\nSF:20Sep\\x202020\\x2018:57:15\\x20GMT\\r\\nContent-Type:\\x20text\/html\\r\\nConte\nSF:nt-Length:\\x20155\\r\\nConnection:\\x20close\\r\\nServer:\\x20cloudflare\\r\\nC\nSF:F-RAY:\\x205d450d49ebb4b9f8-ATL\\r\\ncf-request-id:\\x20053f06a22e0000b9f8f\nSF:10c7200000001\\r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>400\\x20Bad\\x20Request&lt;\/titl\nSF:e>&lt;\/head>\\r\\n&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x20Request&lt;\/h1>&lt;\/center>\\\nSF:r\\n&lt;hr>&lt;center>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(HTTPOp\nSF:tions,180,\"HTTP\/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nDate:\\x20Thu,\\x2017\\x2\nSF:0Sep\\x202020\\x2018:57:15\\x20GMT\\r\\nContent-Type:\\x20text\/html\\r\\nConten\nSF:t-Length:\\x20155\\r\\nConnection:\\x20close\\r\\nServer:\\x20cloudflare\\r\\nCF\nSF:-RAY:\\x205d450d4acb8cf1b6-ATL\\r\\ncf-request-id:\\x20053f06a2bc0000f1b624\nSF:b48200000001\\r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>400\\x20Bad\\x20Request&lt;\/title\nSF:>&lt;\/head>\\r\\n&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x20Request&lt;\/h1>&lt;\/center>\\r\nSF:\\n&lt;hr>&lt;center>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(RTSPReq\nSF:uest,9B,\"&lt;html>\\r\\n&lt;head>&lt;title>400\\x20Bad\\x20Request&lt;\/title>&lt;\/head>\\r\\\nSF:n&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x20Request&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;cent\nSF:er>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(X11Probe,13C,\"HTTP\nSF:\/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nServer:\\x20cloudflare\\r\\nDate:\\x20Thu\nSF:,\\x2017\\x20Sep\\x202020\\x2018:57:16\\x20GMT\\r\\nContent-Type:\\x20text\/html\nSF:\\r\\nContent-Length:\\x20155\\r\\nConnection:\\x20close\\r\\nCF-RAY:\\x20-\\r\\n\\\nSF:r\\n&lt;html>\\r\\n&lt;head>&lt;title>400\\x20Bad\\x20Request&lt;\/title>&lt;\/head>\\r\\n&lt;body\nSF:>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x20Request&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;center>clo\nSF:udflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(FourOhFourRequest,180,\"H\nSF:TTP\/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nDate:\\x20Thu,\\x2017\\x20Sep\\x202020\nSF:\\x2018:57:16\\x20GMT\\r\\nContent-Type:\\x20text\/html\\r\\nContent-Length:\\x2\nSF:0155\\r\\nConnection:\\x20close\\r\\nServer:\\x20cloudflare\\r\\nCF-RAY:\\x205d4\nSF:50d4d6ccde3c2-ATL\\r\\ncf-request-id:\\x20053f06a4630000e3c276854200000001\nSF:\\r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>400\\x20Bad\\x20Request&lt;\/title>&lt;\/head>\\r\\n\nSF:&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x20Request&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;cente\nSF:r>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\");\n==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============\nSF-Port443-TCP:V=7.80%T=SSL%I=7%D=9\/17%Time=5F63A885%P=x86_64-pc-linux-gnu\nSF:%r(GetRequest,17A,\"HTTP\/1\\.1\\x20403\\x20Forbidden\\r\\nServer:\\x20cloudfla\nSF:re\\r\\nDate:\\x20Thu,\\x2017\\x20Sep\\x202020\\x2018:57:22\\x20GMT\\r\\nContent-\nSF:Type:\\x20text\/html\\r\\nContent-Length:\\x20151\\r\\nConnection:\\x20close\\r\\\nSF:nCF-RAY:\\x205d450d70ebdee4d8-ATL\\r\\ncf-request-id:\\x20053f06ba8f0000e4d\nSF:8a2b05200000001\\r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>403\\x20Forbidden&lt;\/title>&lt;\nSF:\/head>\\r\\n&lt;body>\\r\\n&lt;center>&lt;h1>403\\x20Forbidden&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;\nSF:center>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(HTTPOptions,17\nSF:A,\"HTTP\/1\\.1\\x20403\\x20Forbidden\\r\\nServer:\\x20cloudflare\\r\\nDate:\\x20T\nSF:hu,\\x2017\\x20Sep\\x202020\\x2018:57:22\\x20GMT\\r\\nContent-Type:\\x20text\/ht\nSF:ml\\r\\nContent-Length:\\x20151\\r\\nConnection:\\x20close\\r\\nCF-RAY:\\x205d45\nSF:0d72eb59f345-ATL\\r\\ncf-request-id:\\x20053f06bbcc0000f34583321200000001\\\nSF:r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>403\\x20Forbidden&lt;\/title>&lt;\/head>\\r\\n&lt;body>\nSF:\\r\\n&lt;center>&lt;h1>403\\x20Forbidden&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;center>cloudflar\nSF:e&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(FourOhFourRequest,17A,\"HTTP\/1\\\nSF:.1\\x20403\\x20Forbidden\\r\\nServer:\\x20cloudflare\\r\\nDate:\\x20Thu,\\x2017\\\nSF:x20Sep\\x202020\\x2018:57:22\\x20GMT\\r\\nContent-Type:\\x20text\/html\\r\\nCont\nSF:ent-Length:\\x20151\\r\\nConnection:\\x20close\\r\\nCF-RAY:\\x205d450d74a8e907\nSF:c2-ATL\\r\\ncf-request-id:\\x20053f06bce9000007c2133b7200000001\\r\\n\\r\\n&lt;ht\nSF:ml>\\r\\n&lt;head>&lt;title>403\\x20Forbidden&lt;\/title>&lt;\/head>\\r\\n&lt;body>\\r\\n&lt;cente\nSF:r>&lt;h1>403\\x20Forbidden&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;center>cloudflare&lt;\/center>\nSF:\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(tor-versions,13C,\"HTTP\/1\\.1\\x20400\\x20Ba\nSF:d\\x20Request\\r\\nServer:\\x20cloudflare\\r\\nDate:\\x20Thu,\\x2017\\x20Sep\\x20\nSF:2020\\x2018:57:22\\x20GMT\\r\\nContent-Type:\\x20text\/html\\r\\nContent-Length\nSF::\\x20155\\r\\nConnection:\\x20close\\r\\nCF-RAY:\\x20-\\r\\n\\r\\n&lt;html>\\r\\n&lt;head\nSF:>&lt;title>400\\x20Bad\\x20Request&lt;\/title>&lt;\/head>\\r\\n&lt;body>\\r\\n&lt;center>&lt;h1>4\nSF:00\\x20Bad\\x20Request&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;center>cloudflare&lt;\/center>\\r\nSF:\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(RTSPRequest,9B,\"&lt;html>\\r\\n&lt;head>&lt;title>400\nSF:\\x20Bad\\x20Request&lt;\/title>&lt;\/head>\\r\\n&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x\nSF:20Request&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;center>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\nSF:\\n&lt;\/html>\\r\\n\");\n==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============\nSF-Port8080-TCP:V=7.80%I=7%D=9\/17%Time=5F63A87F%P=x86_64-pc-linux-gnu%r(Ge\nSF:tRequest,180,\"HTTP\/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nDate:\\x20Thu,\\x2017\nSF:\\x20Sep\\x202020\\x2018:57:15\\x20GMT\\r\\nContent-Type:\\x20text\/html\\r\\nCon\nSF:tent-Length:\\x20155\\r\\nConnection:\\x20close\\r\\nServer:\\x20cloudflare\\r\\\nSF:nCF-RAY:\\x205d450d49e88a187b-ATL\\r\\ncf-request-id:\\x20053f06a22d0000187\nSF:b50a68200000001\\r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>400\\x20Bad\\x20Request&lt;\/ti\nSF:tle>&lt;\/head>\\r\\n&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x20Request&lt;\/h1>&lt;\/center\nSF:>\\r\\n&lt;hr>&lt;center>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(HTTP\nSF:Options,180,\"HTTP\/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nDate:\\x20Thu,\\x2017\\\nSF:x20Sep\\x202020\\x2018:57:15\\x20GMT\\r\\nContent-Type:\\x20text\/html\\r\\nCont\nSF:ent-Length:\\x20155\\r\\nConnection:\\x20close\\r\\nServer:\\x20cloudflare\\r\\n\nSF:CF-RAY:\\x205d450d4aefeb07ba-ATL\\r\\ncf-request-id:\\x20053f06a2cf000007ba\nSF:6c1fa200000001\\r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>400\\x20Bad\\x20Request&lt;\/tit\nSF:le>&lt;\/head>\\r\\n&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x20Request&lt;\/h1>&lt;\/center>\nSF:\\r\\n&lt;hr>&lt;center>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(RTSPR\nSF:equest,9B,\"&lt;html>\\r\\n&lt;head>&lt;title>400\\x20Bad\\x20Request&lt;\/title>&lt;\/head>\\\nSF:r\\n&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x20Request&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;ce\nSF:nter>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(FourOhFourReques\nSF:t,180,\"HTTP\/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nDate:\\x20Thu,\\x2017\\x20Sep\nSF:\\x202020\\x2018:57:16\\x20GMT\\r\\nContent-Type:\\x20text\/html\\r\\nContent-Le\nSF:ngth:\\x20155\\r\\nConnection:\\x20close\\r\\nServer:\\x20cloudflare\\r\\nCF-RAY\nSF::\\x205d450d4cae9c180f-ATL\\r\\ncf-request-id:\\x20053f06a3e80000180f5b1e12\nSF:00000001\\r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>400\\x20Bad\\x20Request&lt;\/title>&lt;\/h\nSF:ead>\\r\\n&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x20Request&lt;\/h1>&lt;\/center>\\r\\n&lt;h\nSF:r>&lt;center>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(Socks5,13C,\nSF:\"HTTP\/1\\.1\\x20400\\x20Bad\\x20Request\\r\\nServer:\\x20cloudflare\\r\\nDate:\\x\nSF:20Thu,\\x2017\\x20Sep\\x202020\\x2018:57:16\\x20GMT\\r\\nContent-Type:\\x20text\nSF:\/html\\r\\nContent-Length:\\x20155\\r\\nConnection:\\x20close\\r\\nCF-RAY:\\x20-\nSF:\\r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>400\\x20Bad\\x20Request&lt;\/title>&lt;\/head>\\r\\n\nSF:&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x20Request&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;cente\nSF:r>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\");\n==============NEXT SERVICE FINGERPRINT (SUBMIT INDIVIDUALLY)==============\nSF-Port8443-TCP:V=7.80%T=SSL%I=7%D=9\/17%Time=5F63A885%P=x86_64-pc-linux-gn\nSF:u%r(GetRequest,17A,\"HTTP\/1\\.1\\x20403\\x20Forbidden\\r\\nServer:\\x20cloudfl\nSF:are\\r\\nDate:\\x20Thu,\\x2017\\x20Sep\\x202020\\x2018:57:22\\x20GMT\\r\\nContent\nSF:-Type:\\x20text\/html\\r\\nContent-Length:\\x20151\\r\\nConnection:\\x20close\\r\nSF:\\nCF-RAY:\\x205d450d70e905ec11-ATL\\r\\ncf-request-id:\\x20053f06ba8e0000ec\nSF:118110e200000001\\r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>403\\x20Forbidden&lt;\/title>\nSF:&lt;\/head>\\r\\n&lt;body>\\r\\n&lt;center>&lt;h1>403\\x20Forbidden&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>\nSF:&lt;center>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(HTTPOptions,1\nSF:7A,\"HTTP\/1\\.1\\x20403\\x20Forbidden\\r\\nServer:\\x20cloudflare\\r\\nDate:\\x20\nSF:Thu,\\x2017\\x20Sep\\x202020\\x2018:57:22\\x20GMT\\r\\nContent-Type:\\x20text\/h\nSF:tml\\r\\nContent-Length:\\x20151\\r\\nConnection:\\x20close\\r\\nCF-RAY:\\x205d4\nSF:50d729cebec29-ATL\\r\\ncf-request-id:\\x20053f06bba30000ec29e5865200000001\nSF:\\r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>403\\x20Forbidden&lt;\/title>&lt;\/head>\\r\\n&lt;body\nSF:>\\r\\n&lt;center>&lt;h1>403\\x20Forbidden&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;center>cloudfla\nSF:re&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(FourOhFourRequest,17A,\"HTTP\/1\nSF:\\.1\\x20403\\x20Forbidden\\r\\nServer:\\x20cloudflare\\r\\nDate:\\x20Thu,\\x2017\nSF:\\x20Sep\\x202020\\x2018:57:22\\x20GMT\\r\\nContent-Type:\\x20text\/html\\r\\nCon\nSF:tent-Length:\\x20151\\r\\nConnection:\\x20close\\r\\nCF-RAY:\\x205d450d745988e\nSF:cdb-ATL\\r\\ncf-request-id:\\x20053f06bcbb0000ecdb0f897200000001\\r\\n\\r\\n&lt;h\nSF:tml>\\r\\n&lt;head>&lt;title>403\\x20Forbidden&lt;\/title>&lt;\/head>\\r\\n&lt;body>\\r\\n&lt;cent\nSF:er>&lt;h1>403\\x20Forbidden&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;center>cloudflare&lt;\/center\nSF:>\\r\\n&lt;\/body>\\r\\n&lt;\/html>\\r\\n\")%r(RTSPRequest,9B,\"&lt;html>\\r\\n&lt;head>&lt;title>\nSF:400\\x20Bad\\x20Request&lt;\/title>&lt;\/head>\\r\\n&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Ba\nSF:d\\x20Request&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;center>cloudflare&lt;\/center>\\r\\n&lt;\/body\nSF:>\\r\\n&lt;\/html>\\r\\n\")%r(RPCCheck,13C,\"HTTP\/1\\.1\\x20400\\x20Bad\\x20Request\\r\nSF:\\nServer:\\x20cloudflare\\r\\nDate:\\x20Thu,\\x2017\\x20Sep\\x202020\\x2018:57:\nSF:28\\x20GMT\\r\\nContent-Type:\\x20text\/html\\r\\nContent-Length:\\x20155\\r\\nCo\nSF:nnection:\\x20close\\r\\nCF-RAY:\\x20-\\r\\n\\r\\n&lt;html>\\r\\n&lt;head>&lt;title>400\\x2\nSF:0Bad\\x20Request&lt;\/title>&lt;\/head>\\r\\n&lt;body>\\r\\n&lt;center>&lt;h1>400\\x20Bad\\x20R\nSF:equest&lt;\/h1>&lt;\/center>\\r\\n&lt;hr>&lt;center>cloudflare&lt;\/center>\\r\\n&lt;\/body>\\r\\n&lt;\nSF:\/html>\\r\\n\");\n\nService detection performed. Please report any incorrect results at https:\/\/nmap.org\/submit\/ .\n# Nmap done at Thu Sep 17 18:20:20 2020 -- 1 IP address (1 host up) scanned in 115.58 seconds<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"one0-detect-service-daemon-versions\"><strong>10. Detectar versiones de servicio \/ demonio<\/strong><\/h3>\n\n\n\n<p>Esto se puede hacer usando los par\u00e1metros -sV<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -sV localhost<\/code><\/pre>\n\n\n\n<p>Como puede ver aqu\u00ed:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@dsantana:~]nmap -sV localhost\nStarting Nmap 7.60 ( https:\/\/nmap.org ) at 2018-10-01 09:28 -03\nNmap scan report for localhost (127.0.0.1)\nHost is up (0.000020s latency).\nOther addresses for localhost (not scanned): ::1\nNot shown: 997 closed ports\nPORT STATE SERVICE VERSION\n111\/tcp open rpcbind 2-4 (RPC #100000)\n631\/tcp open ipp CUPS 2.2\n902\/tcp open ssl\/vmware-auth VMware Authentication Daemon 1.10 (Uses VNC, SOAP)\n\nService detection performed. Please report any incorrect results at https:\/\/nmap.org\/submit\/ .\nNmap done: 1 IP address (1 host up) scanned in 7.96 seconds<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_12_53.png\" alt=\"\" class=\"wp-image-422\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_12_53.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_12_53-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_12_53-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_12_53-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_14_47.png\" alt=\"\" class=\"wp-image-423\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_14_47.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_14_47-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_14_47-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_14_47-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><strong>11. Escanee usando protocolos TCP o UDP<\/strong><\/p>\n\n\n\n<p>Una de las cosas que m\u00e1s nos gustan de Nmap es el hecho de que funciona con los protocolos TCP y UDP.&nbsp;Y aunque la mayor\u00eda de los servicios se ejecutan en TCP, tambi\u00e9n puede obtener una gran ventaja al escanear servicios basados \u200b\u200ben UDP.&nbsp;Veamos algunos ejemplos.<\/p>\n\n\n\n<p>Salida de escaneo TCP est\u00e1ndar:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -sT 192.168.1.1<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@dsantana:~]nmap -sT 192.168.1.1\nStarting Nmap 7.60 ( https:\/\/nmap.org ) at 2018-10-01 09:33 -03\nNmap scan report for 192.168.1.1\nHost is up (0.58s latency).\nNot shown: 995 closed ports\nPORT STATE SERVICE\n80\/tcp open http\n1900\/tcp open upnp\n20005\/tcp open btx\n49152\/tcp open unknown\n49153\/tcp open unknown\nNmap done: 1 IP address (1 host up) scanned in 1.43 seconds<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_15_57.png\" alt=\"\" class=\"wp-image-425\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_15_57.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_15_57-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_15_57-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_15_57-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Resultados de la exploraci\u00f3n UDP mediante el par\u00e1metro \u00ab-sU\u00bb:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nmap -sU localhost<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@dsantana:~]sudo nmap -sU localhost\nStarting Nmap 7.60 ( https:\/\/nmap.org ) at 2018-10-01 09:37 -03\nNmap scan report for localhost (127.0.0.1)\nHost is up (0.000021s latency).\nOther addresses for localhost (not scanned): ::1\nNot shown: 997 closed ports\nPORT STATE SERVICE\n68\/udp open|filtered dhcpc\n111\/udp open rpcbind\n5353\/udp open|filtered zeroconf<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_23_39.png\" alt=\"\" class=\"wp-image-428\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_23_39.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_23_39-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_23_39-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_23_39-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"one2-cve-detection-using-nmap\"><strong>12. Detecci\u00f3n de CVE usando Nmap<\/strong><\/h3>\n\n\n\n<p>Una de las caracter\u00edsticas m\u00e1s importantes de Nmap que no todos los administradores de redes y sistemas conocen es algo llamado \u201cNmap Scripting Engine\u201d (conocido como&nbsp;NSE&nbsp;).&nbsp;Este motor de secuencias de comandos permite a los usuarios utilizar un conjunto predefinido de secuencias de comandos o escribir las suyas propias utilizando el lenguaje de programaci\u00f3n Lua.<\/p>\n\n\n\n<p>El uso de NSE es fundamental para automatizar los an\u00e1lisis de vulnerabilidades y del sistema.&nbsp;Por ejemplo, si desea ejecutar una prueba de vulnerabilidad completa contra su objetivo, puede usar estos par\u00e1metros:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -Pn --script vuln 192.168.1.105<\/code><\/pre>\n\n\n\n<p>Ejemplo de salida:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&#91;root@dsantana:~]nmap -Pn --script vuln 192.168.1.105\nStarting Nmap 7.60 ( https:\/\/nmap.org ) at 2018-10-01 09:46 -03\nPre-scan script results:\n| broadcast-avahi-dos:\n| Discovered hosts:\n| 224.0.0.251\n| After NULL UDP avahi packet DoS (CVE-2011-1002).\n|_ Hosts are all up (not vulnerable).\nNmap scan report for 192.168.1.105\nHost is up (0.00032s latency).\nNot shown: 995 closed ports\nPORT STATE SERVICE\n80\/tcp open http\n|_http-csrf: Couldn't find any CSRF vulnerabilities.\n|_http-dombased-xss: Couldn't find any DOM based XSS.\n| http-slowloris-check:\n| VULNERABLE:\n| Slowloris DOS attack\n| State: LIKELY VULNERABLE\n| IDs: CVE:CVE-2007-6750\n| Slowloris tries to keep many connections to the target web server open and hold\n| them open as long as possible. It accomplishes this by opening connections to\n| the target web server and sending a partial request. By doing so, it starves\n| the http server's resources causing Denial Of Service.\n|\n| Disclosure date: 2009-09-17\n| References:\n| http:\/\/ha.ckers.org\/slowloris\/\n|_ https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2007-6750\n|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.\n|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)\n1900\/tcp open upnp\n20005\/tcp open btx\n49152\/tcp open unknown\n49153\/tcp open unknown<\/code><\/pre>\n\n\n\n<p>Como puede ver, en esta prueba de vulnerabilidad pudimos detectar un CVE (ataque DOS Slowloris).<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_33_23.png\" alt=\"\" class=\"wp-image-430\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_33_23.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_33_23-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_33_23-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_33_23-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"one3-launching-dos-with-nmap\"><strong>13. Lanzamiento de DOS con Nmap<\/strong><\/h3>\n\n\n\n<p>Las caracter\u00edsticas de Nmap nunca parecen terminar, y gracias al NSE, eso incluso nos permite lanzar ataques DOS contra nuestras pruebas de red.<\/p>\n\n\n\n<p>En nuestro ejemplo anterior (# 12) encontramos que el host era vulnerable al ataque de Slowloris, y ahora intentaremos explotar esa vulnerabilidad lanzando un ataque de DOS en un ciclo indefinido:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap 192.168.1.105 -max-parallelism 800 -Pn --script http-slowloris --script-args http-slowloris.runforever=true<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_37_06.png\" alt=\"\" class=\"wp-image-432\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_37_06.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_37_06-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_37_06-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_37_06-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><strong>14. Lanzar ataques de fuerza bruta<\/strong><\/p>\n\n\n\n<p>NSE es realmente fascinante: contiene secuencias de comandos para todo lo que puedas imaginar.&nbsp;Vea los siguientes tres ejemplos de BFA contra WordPress, MSSQL y servidor FTP:<\/p>\n\n\n\n<p>Ataque de fuerza bruta de WordPress:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -sV --script http-wordpress-brute --script-args 'userdb=users.txt,passdb=passwds.txt,http-wordpress-brute.hostname=domain.com, http-wordpress-brute.threads=3,brute.firstonly=true' 192.168.1.105<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_43_10.png\" alt=\"\" class=\"wp-image-434\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_43_10.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_43_10-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_43_10-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_43_10-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Ataque de fuerza bruta contra MS-SQL:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -p 1433 --script ms-sql-brute --script-args userdb=customuser.txt,passdb=custompass.txt 192.168.1.105<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_45_13.png\" alt=\"\" class=\"wp-image-437\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_45_13.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_45_13-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_45_13-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_45_13-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Ataque de fuerza bruta FTP:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap --script ftp-brute -p 21 192.168.1.105<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_46_21.png\" alt=\"\" class=\"wp-image-439\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_46_21.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_46_21-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_46_21-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_46_21-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"one5-detecting-malware-infections-on-remote-hosts\"><strong>15. Detectar infecciones de malware en hosts remotos<\/strong><\/h3>\n\n\n\n<p>Nmap puede detectar malware y puertas traseras mediante la ejecuci\u00f3n de pruebas exhaustivas en algunos servicios de sistemas operativos populares, como Identd, Proftpd, Vsftpd, IRC, SMB y SMTP.&nbsp;Tambi\u00e9n tiene un m\u00f3dulo para buscar se\u00f1ales de malware populares dentro de servidores remotos y tambi\u00e9n integra las bases de datos de Navegaci\u00f3n Segura y VirusTotal de Google.<\/p>\n\n\n\n<p>Se puede realizar un escaneo de malware com\u00fan usando:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -sV --script=http-malware-host 192.168.1.105<\/code><\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_49_41.png\" alt=\"\" class=\"wp-image-440\" srcset=\"https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_49_41.png 1024w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_49_41-300x225.png 300w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_49_41-768x576.png 768w, https:\/\/dsantana.uas.edu.mx\/wp-content\/uploads\/2020\/09\/VirtualBox_Kali_17_09_2020_13_49_41-750x563.png 750w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>O usando la comprobaci\u00f3n de malware de Google:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>nmap -p80 --script http-google-malware infectedsite.com<\/code><\/pre>\n\n\n\n<p>Ejemplo de salida:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>80\/tcp open  http\n|_http-google-malware.nse: Host is known for distributing malware.<\/code><\/pre>\n\n\n\n<p>Nmap es uno de los&nbsp;esc\u00e1neres de puertos&nbsp;m\u00e1s completos y precisos que&nbsp;utilizan los profesionales de la seguridad de la informaci\u00f3n en la actualidad.&nbsp;Con \u00e9l, puede realizar tareas simples de escaneo de puertos o usar su poderoso motor de scripting para lanzar ataques DOS, detectar malware o pruebas de fuerza bruta en servidores remotos y locales.<\/p>\n\n\n\n<p>Hoy cubrimos los quince principales comandos de Nmap para escanear hosts remotos, pero hay mucho m\u00e1s por descubrir si est\u00e1 comenzando a usar Nmap en su estrategia OSINT.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Nmap&nbsp;es uno de los mapeadores de redes m\u00e1s populares del mundo de la seguridad de la informaci\u00f3n.&nbsp;Tanto los profesionales de la ciberseguridad como los novatos lo utilizan para auditar y descubrir puertos abiertos locales y remotos, as\u00ed como hosts e informaci\u00f3n de red. Algunas de las mejores caracter\u00edsticas de esta herramienta son que es de c\u00f3digo abierto, gratuito, multiplataforma y recibe actualizaciones constantes cada a\u00f1o.&nbsp;Tambi\u00e9n tiene una gran ventaja: es uno de los esc\u00e1neres de red y de host m\u00e1s completos disponibles.&nbsp;Incluye un amplio conjunto de opciones para mejorar sus tareas de escaneo y mapeo, y trae consigo una comunidad incre\u00edble y documentaci\u00f3n completa para ayudarlo a comprender esta herramienta desde el principio.&nbsp;Nmap se puede utilizar para: Cree un mapa completo de la red inform\u00e1tica. Encuentre direcciones IP remotas de cualquier host. Obtenga el sistema operativo y los detalles del software. Detecta&nbsp;puertos abiertos&nbsp;en sistemas locales y remotos. Auditar los est\u00e1ndares de seguridad del servidor. Encuentre vulnerabilidades en hosts remotos y locales. 15 ejemplos de comandos de Nmap Conozcamos algunos an\u00e1lisis \u00fatiles basados \u200b\u200ben la l\u00ednea de comandos que se pueden realizar con Nmap. 1. Escaneo b\u00e1sico de Nmap contra IP o host Ahora, si desea escanear un nombre de host, simplemente reemplace la IP del host, como puede ver a continuaci\u00f3n: Este tipo de escaneos b\u00e1sicos son perfectos para sus primeros pasos al comenzar con Nmap. 2. Escanee puertos espec\u00edficos o escanee rangos de puertos completos en un servidor local o remoto En este ejemplo, escaneamos todos los puertos 65535 para nuestra computadora localhost. Nmap puede escanear todos los puertos posibles, pero tambi\u00e9n puede escanear puertos espec\u00edficos, que reportar\u00e1n resultados m\u00e1s r\u00e1pidos.&nbsp;Vea abajo: 3. Escanee varias direcciones IP Intentemos escanear varias direcciones IP.&nbsp;Para ello, necesita utilizar esta sintaxis: Tambi\u00e9n puede escanear direcciones IP consecutivas: Esto va a escanear&nbsp;1.1.1.1,&nbsp;1.1.1.2,&nbsp;1.1.1.3 y&nbsp;1.1.1.4. 4. Escanear rangos de IP Tambi\u00e9n puede usar Nmap para escanear rangos de IP CIDR completos, por ejemplo: Esto escanear\u00e1 14 rangos de IP consecutivos, desde&nbsp;8.8.8.1 hasta&nbsp;8.8.8.14. Una alternativa es simplemente usar este tipo de rango: Incluso puede usar comodines para escanear todo el rango de IP de clase C, por ejemplo: Esto escanear\u00e1 256 direcciones IP desde&nbsp;8.8.8.1 hasta&nbsp;8.8.8.256. Si alguna vez necesita excluir ciertas IP del escaneo de rango de IP, puede usar la opci\u00f3n \u00ab&#8211;exclude\u00bb, como puede ver a continuaci\u00f3n: 5. Escanee los puertos m\u00e1s populares El uso del par\u00e1metro \u00ab\u2013top-ports\u00bb junto con un n\u00famero espec\u00edfico le permite escanear los X puertos m\u00e1s comunes para ese host, como podemos ver: Reemplace \u00ab20\u00bb con el n\u00famero deseado.&nbsp;Ejemplo de salida: 6. Escanee los hosts y las direcciones IP que se leen desde un archivo de texto En este caso, Nmap tambi\u00e9n es \u00fatil para leer archivos que contienen hosts e IP en su interior. Supongamos que crea un archivo lista.txt que contiene estas l\u00edneas dentro: El par\u00e1metro \u00ab-iL\u00bb le permite leer de ese archivo y escanear todos esos hosts por usted: 7. Guarde los resultados del escaneo de Nmap en un archivo Por otro lado, en el siguiente ejemplo no estaremos leyendo de un archivo, sino exportando \/ guardando nuestros resultados en un archivo de texto: Nmap tambi\u00e9n tiene la capacidad de exportar archivos en formato XML, vea el siguiente ejemplo: 8. Desactivaci\u00f3n de la resoluci\u00f3n de nombres DNS Si necesita acelerar un poco sus escaneos, siempre puede optar por desactivar la resoluci\u00f3n DNS inversa para todos sus escaneos.&nbsp;Simplemente agregue el par\u00e1metro \u00ab-n\u00bb. Vea la diferencia con un escaneo normal habilitado con resoluci\u00f3n DNS: 9. Scan + OS y detecci\u00f3n de servicios con ejecuci\u00f3n r\u00e1pida El uso del par\u00e1metro \u00ab-A\u00bb le permite realizar la detecci\u00f3n del sistema operativo y del servicio, y al mismo tiempo lo combinamos con \u00ab-T4\u00bb para una ejecuci\u00f3n m\u00e1s r\u00e1pida.&nbsp;Vea el ejemplo a continuaci\u00f3n: Este es el resultado que obtuvimos para esta prueba: 10. Detectar versiones de servicio \/ demonio Esto se puede hacer usando los par\u00e1metros -sV Como puede ver aqu\u00ed: 11. Escanee usando protocolos TCP o UDP Una de las cosas que m\u00e1s nos gustan de Nmap es el hecho de que funciona con los protocolos TCP y UDP.&nbsp;Y aunque la mayor\u00eda de los servicios se ejecutan en TCP, tambi\u00e9n puede obtener una gran ventaja al escanear servicios basados \u200b\u200ben UDP.&nbsp;Veamos algunos ejemplos. Salida de escaneo TCP est\u00e1ndar: Resultados de la exploraci\u00f3n UDP mediante el par\u00e1metro \u00ab-sU\u00bb: 12. Detecci\u00f3n de CVE usando Nmap Una de las caracter\u00edsticas m\u00e1s importantes de Nmap que no todos los administradores de redes y sistemas conocen es algo llamado \u201cNmap Scripting Engine\u201d (conocido como&nbsp;NSE&nbsp;).&nbsp;Este motor de secuencias de comandos permite a los usuarios utilizar un conjunto predefinido de secuencias de comandos o escribir las suyas propias utilizando el lenguaje de programaci\u00f3n Lua. El uso de NSE es fundamental para automatizar los an\u00e1lisis de vulnerabilidades y del sistema.&nbsp;Por ejemplo, si desea ejecutar una prueba de vulnerabilidad completa contra su objetivo, puede usar estos par\u00e1metros: Ejemplo de salida: Como puede ver, en esta prueba de vulnerabilidad pudimos detectar un CVE (ataque DOS Slowloris). 13. Lanzamiento de DOS con Nmap Las caracter\u00edsticas de Nmap nunca parecen terminar, y gracias al NSE, eso incluso nos permite lanzar ataques DOS contra nuestras pruebas de red. En nuestro ejemplo anterior (# 12) encontramos que el host era vulnerable al ataque de Slowloris, y ahora intentaremos explotar esa vulnerabilidad lanzando un ataque de DOS en un ciclo indefinido: 14. Lanzar ataques de fuerza bruta NSE es realmente fascinante: contiene secuencias de comandos para todo lo que puedas imaginar.&nbsp;Vea los siguientes tres ejemplos de BFA contra WordPress, MSSQL y servidor FTP: Ataque de fuerza bruta de WordPress: Ataque de fuerza bruta contra MS-SQL: Ataque de fuerza bruta FTP: 15. Detectar infecciones de malware en hosts remotos Nmap puede detectar malware y puertas traseras mediante la ejecuci\u00f3n de pruebas exhaustivas en algunos servicios de sistemas operativos populares, como Identd, Proftpd, Vsftpd, IRC, SMB y SMTP.&nbsp;Tambi\u00e9n tiene un m\u00f3dulo para buscar se\u00f1ales de malware populares dentro de servidores remotos y tambi\u00e9n integra las bases de datos de Navegaci\u00f3n Segura y VirusTotal de Google. Se puede realizar un escaneo de<\/p>\n","protected":false},"author":1,"featured_media":378,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,57,56,6],"tags":[],"class_list":["post-367","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-docencia","category-mapeadores","category-redes","category-talleres"],"_links":{"self":[{"href":"https:\/\/dsantana.uas.edu.mx\/index.php\/wp-json\/wp\/v2\/posts\/367","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dsantana.uas.edu.mx\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dsantana.uas.edu.mx\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dsantana.uas.edu.mx\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dsantana.uas.edu.mx\/index.php\/wp-json\/wp\/v2\/comments?post=367"}],"version-history":[{"count":30,"href":"https:\/\/dsantana.uas.edu.mx\/index.php\/wp-json\/wp\/v2\/posts\/367\/revisions"}],"predecessor-version":[{"id":442,"href":"https:\/\/dsantana.uas.edu.mx\/index.php\/wp-json\/wp\/v2\/posts\/367\/revisions\/442"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dsantana.uas.edu.mx\/index.php\/wp-json\/wp\/v2\/media\/378"}],"wp:attachment":[{"href":"https:\/\/dsantana.uas.edu.mx\/index.php\/wp-json\/wp\/v2\/media?parent=367"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dsantana.uas.edu.mx\/index.php\/wp-json\/wp\/v2\/categories?post=367"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dsantana.uas.edu.mx\/index.php\/wp-json\/wp\/v2\/tags?post=367"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}