El moderador pedia un par de escaneados, ahi van.
Primero he escogido un rango al azar de adsl de 10 IP's, y vemos cuales estan conectadas:
VaLKyR:~# nmap -sP 213.97.*.1-10
Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
Host 213-97-*-5.uc.nombres.ttd.es (213.97.*.5) appears to be up.
Host 213-97-*-6.uc.nombres.ttd.es (213.97.*.6) appears to be up.
Host 213-97-*-8.uc.nombres.ttd.es (213.97.*.8) appears to be up.
Host 213-97-*-9.uc.nombres.ttd.es (213.97.*.9) appears to be up.
Nmap run completed -- 10 IP addresses (4 hosts up) scanned in 1 second
Ahora un scan a esas maquinas en tcp y al puerto 80:
VaLKyR:~# nmap -sT -p 80 213.97.*.5,6,8,9
Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
Interesting ports on 213-97-*-5.uc.nombres.ttd.es (213.97.*.5):
Port State Service
80/tcp filtered http
Interesting ports on 213-97-*-6.uc.nombres.ttd.es (213.97.*.6):
Port State Service
80/tcp filtered http
Interesting ports on 213-97-*-8.uc.nombres.ttd.es (213.97.*.8):
Port State Service
80/tcp open http
Interesting ports on 213-97-*-9.uc.nombres.ttd.es (213.97.*.9):
Port State Service
80/tcp filtered http
Nmap run completed -- 4 IP addresses (4 hosts up) scanned in 7 seconds
Vemos q uno lo tiene abierto el puerto 80, ademas esta corriendo un Microsoft-IIS/5.0
El resto estan filtrados por un firewall/router.
Ahora un scan en udp y puerto 80:
VaLKyR:~# nmap -sU -p 80 213.97.*.5,6,8,9
Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
The 1 scanned port on 213-97-*-5.uc.nombres.ttd.es (213.97.*.5) is: closed
The 1 scanned port on 213-97-*-6.uc.nombres.ttd.es (213.97.*.6) is: closed
Interesting ports on 213-97-*-8.uc.nombres.ttd.es (213.97.*.8):
Port State Service
80/udp open http
Interesting ports on 213-97-*-9.uc.nombres.ttd.es (213.97.*.9):
Port State Service
80/udp open http
Nmap run completed -- 4 IP addresses (4 hosts up) scanned in 3 seconds
La 213.97.*.8 es normal q tenga el 80/udp en escucha, pero ¿por que el 213.97.*.9?
Ahora cogemos un rango extranjero, y hacemos los mismos pasos q antes:
VaLKyR:~# nmap -sP 204.202.158.181-191
Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
Host (204.202.158.181) appears to be up.
Host (204.202.158.182) appears to be up.
Host (204.202.158.184) appears to be up.
Host (204.202.158.186) appears to be up.
Host (204.202.158.187) appears to be up.
Host (204.202.158.188) appears to be up.
Host (204.202.158.191) appears to be up.
Nmap run completed -- 11 IP addresses (7 hosts up) scanned in 4 seconds
VaLKyR:~# nmap -sT -p80 204.202.158.181,182,184,186,187,188,191
Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
Interesting ports on (204.202.158.181):
Port State Service
80/tcp filtered http
Interesting ports on (204.202.158.182):
Port State Service
80/tcp filtered http
Interesting ports on (204.202.158.184):
Port State Service
80/tcp filtered http
Interesting ports on (204.202.158.186):
Port State Service
80/tcp filtered http
Interesting ports on (204.202.158.187):
Port State Service
80/tcp filtered http
Interesting ports on (204.202.158.188):
Port State Service
80/tcp filtered http
Interesting ports on (204.202.158.191):
Port State Service
80/tcp filtered http
VaLKyR:~# nmap -sU -p80 204.202.158.181,182,184,186,187,188,191
Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
Interesting ports on (204.202.158.181):
Port State Service
80/udp open http
Interesting ports on (204.202.158.182):
Port State Service
80/udp open http
Interesting ports on (204.202.158.184):
Port State Service
80/udp open http
Interesting ports on (204.202.158.186):
Port State Service
80/udp open http
Interesting ports on (204.202.158.187):
Port State Service
80/udp open http
Interesting ports on (204.202.158.188):
Port State Service
80/udp open http
Interesting ports on (204.202.158.191):
Port State Service
80/udp open http
Nmap run completed -- 7 IP addresses (7 hosts up) scanned in 11 seconds
Probemos ya con un solo ip de uni2 :
VaLKyR:~# nmap -sT -p 80 62.37.*.29
Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
The 1 scanned port on 62-37-*-29.dialup.uni2.es (62.37.*.29) is: closed
Nmap run completed -- 1 IP address (1 host up) scanned in 8 seconds
VaLKyR:~# nmap -sU -p 80 62.37.*.29
Starting nmap V. 2.54BETA30 ( www.insecure.org/nmap/ )
The 1 scanned port on 62-37-*-29.dialup.uni2.es (62.37.*.29) is: closed
Nmap run completed -- 1 IP address (1 host up) scanned in 3 seconds
Ahi tienen unos cuantos resultados, q los expertos saquen conclusiones ;)
Nota: Oculte los rangos de IP's españolas por si afecta/molesta a alguien, las extranjeras me dan un poco igual ;)