{"id":2110,"date":"2014-09-10T19:24:21","date_gmt":"2014-09-10T10:24:21","guid":{"rendered":"http:\/\/sys-guard.com\/?p=2110"},"modified":"2017-04-20T10:44:45","modified_gmt":"2017-04-20T01:44:45","slug":"nmap%e5%8d%b3ban-portsentry-%e4%b8%8d%e6%ad%a3%e3%82%a2%e3%82%af%e3%82%bb%e3%82%b9%e6%92%b2%e6%bb%85%e5%a7%94%e5%93%a1%e4%bc%9a","status":"publish","type":"post","link":"https:\/\/sys-guard.com\/post-2110\/","title":{"rendered":"Nmap\u5bfe\u7b56Portsentry \u4e0d\u6b63\u30a2\u30af\u30bb\u30b9\u64b2\u6ec5\u59d4\u54e1\u4f1a[\u5373BAN]"},"content":{"rendered":"

<\/object>
\n\u6620\u753b\u300e\u30de\u30c8\u30ea\u30af\u30b9\u300f\u306e\u30af\u30e9\u30c3\u30ad\u30f3\u30b0(\u30cf\u30c3\u30ad\u30f3\u30b0)\u306b\u3082\u4f7f\u308f\u308c\u305fNmap<\/strong><\/p>\n

Nmap\u3063\u3066\u306a\u3093\u3060\u308d\u3046\uff1f<\/h4>\n

\u30b5\u30fc\u30d0\u30fc\u306e\u30dd\u30fc\u30c8\u304c\u3069\u3046\u306a\u3063\u3066\u3044\u308b\u304b\u3092\u63a2\u7d22\u3059\u308b\u30dd\u30fc\u30c8\u30b9\u30ad\u30e3\u30f3\u30c4\u30fc\u30eb\u3067\u3059\u3002
\n\u672c\u6765\u306f\u81ea\u8eab\u306e\u30b5\u30fc\u30d0\u306e\u30dd\u30fc\u30c8\u72b6\u6cc1\u3092\u77e5\u308b\u305f\u3081\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c4\u30fc\u30eb\u3067\u3059\u304c
\n\u3069\u3053\u304b\u3089\u4fb5\u5165\u3057\u3088\u3046\u304b\u8003\u3048\u308b\u70ba\u306e\u7d4c\u8def\u306e\u4e0b\u898b\u3068\u3057\u3066
\n\u30af\u30e9\u30c3\u30ab\u30fc\u306e\u653b\u6483\u306e\u521d\u624b\u306b\u60aa\u7528\u3055\u308c\u3066\u3044\u307e\u3059\u3002<\/p>\n

\"matrix
\n\u6709\u540d\u306a\u6620\u753b\u300e\u30de\u30c8\u30ea\u30af\u30b9\u300f\u3067\u30c8\u30ea\u30cb\u30c6\u30a3\u304cNmap\u3092\u4f7f\u3063\u305f\u30b7\u30fc\u30f3\u3002<\/p>\n

\u30bf\u30a4\u30c8\u30eb\u306ePortsentry\u3063\u3066\u306a\u3093\u306a\u306e\u304b<\/h4>\n

\u4eca\u56de\u3054\u7d39\u4ecb\u3059\u308bPortsentry\u306f
\nNmap\u3067\u30af\u30e9\u30c3\u30ad\u30f3\u30b0\u306e\u4e0b\u898b\u306b\u6765\u305f\u7121\u793c\u306a\u8f29\u3092\u906e\u65ad\u3059\u308b\u30c4\u30fc\u30eb<\/strong>\u3067\u3059\u3002
\n\u4e00\u822c\u306e\u4eba\u306f\u4ed6\u306e\u4eba\u306e\u30b5\u30fc\u30d0\u30fc\u306b\u5bfe\u3057\u3066nmap\u306a\u3093\u3066\u3057\u306a\u3044\u3057
\n\u30dd\u30fc\u30c8\u30b9\u30ad\u30e3\u30f3\u304c\u653b\u6483\u3068\u898b\u3089\u308c\u3066\u3082\u3057\u3088\u3046\u304c\u306a\u3044\u4e8b\u306f\u6697\u9ed9\u306e\u4e86\u89e3\u306a\u306e\u3067
\n\u6c17\u306b\u3059\u308b\u3053\u3068\u306f\u3042\u308a\u307e\u305b\u3093\u3002
\n\u5fc3\u306e\u307e\u307e\u306bBAN(\u30a2\u30af\u30bb\u30b9\u7981\u6b62)\u3057\u3066\u3057\u307e\u3044\u307e\u3057\u3087\u3046\u3002<\/strong><\/p>\n

\u3082\u3057\u30c8\u30ea\u30cb\u30c6\u30a3\u304c\u30af\u30e9\u30c3\u30ad\u30f3\u30b0\u3057\u3088\u3046\u3057\u305f\u30b5\u30fc\u30d0\u30fc\u306bPortsentry\u304c\u5165\u3063\u3066\u3044\u305f\u3089\uff65\uff65\uff65<\/strong><\/span>
\n\u30af\u30e9\u30c3\u30ad\u30f3\u30b0\u51fa\u6765\u305a\u30cd\u30aa\u306f\u6b7b\u306b\u7269\u8a9e\u3082\u5927\u304d\u304f\u5909\u308f\u3063\u3066\u3044\u305f\u306e\u304b\u3082\u3057\u308c\u307e\u305b\u3093\u3002<\/p>\n

\u203b\u307e\u305f\u3001\u30c8\u30ea\u30cb\u30c6\u30a3\u304c\u4f7f\u3063\u305fsshnuke\u306f\u67b6\u7a7a\u306e\u30af\u30e9\u30c3\u30ad\u30f3\u30b0\u30c4\u30fc\u30eb\u3067\u3059\u3002
\n\u3067\u3059\u304c\u5b9f\u5728\u3059\u308bSSH\u306e\u8106\u5f31\u6027\u3092\u7a81\u304droot\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u66f8\u304d\u63db\u3048\u3066\u3001\u305d\u308c\u3092\u5229\u7528\u3057\u3066\u30ed\u30b0\u30a4\u30f3\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n

portsentry\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3057\u307e\u3059<\/h4>\n[bash]\n# yum -y install rpm-build
\n[\/bash]\n

\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3059\u308b\u6642\u306e\u304a\u7d04\u675f\u306e\u5834\u6240\u306b\u79fb\u52d5\u3057\u307e\u3059\u3002<\/p>\n[bash]\n# cd \/usr\/local\/src\/
\n[\/bash]\n

\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u307e\u3059\u3002<\/p>\n[bash]\n# wget http:\/\/ftp.riken.go.jp\/Linux\/freshrpms\/redhat\/9\/portsentry\/portsentry-1.1-fr8.src.rpm<\/p>\n

`portsentry-1.1-fr8.src.rpm’ \u3078\u4fdd\u5b58\u5b8c\u4e86
\n[\/bash]\n

 <\/p>\n[bash]\n# rpmbuild –rebuild portsentry-1.1-fr8.src.rpm
\n[\/bash]\n[bash]\nrm -f portsentry-1.1-fr8.src.rpm
\n[\/bash]\n[bash]\n# rpm -ivh \/root\/rpmbuild\/RPMS\/*\/portsentry*.rpm<\/p>\n

\u6e96\u5099\u4e2d… ########################################### [100%]\n1:portsentry-debuginfo ########################################### [ 50%]\n2:portsentry ########################################### [100%]\n[\/bash]\n

 <\/p>\n[bash]\n# vi \/etc\/portsentry\/portsentry.conf<\/p>\n

#KILL_HOSTS_DENY=”ALL: $TARGET$”<\/p>\n

\u2193\u5909\u66f4\u3057\u3066\u6709\u52b9\u5316\u3055\u305b\u307e\u3059\u3002<\/p>\n

KILL_HOSTS_DENY=”ALL: $TARGET$”
\n[\/bash]\n[bash]\n# service portsentry restart
\nStopping portsentry: [\u5931\u6557]\nStarting portsentry -atcp: [ OK ]\nStarting portsentry -audp: [ OK ]\n[\/bash]\n

 <\/p>\n[bash]\n# chkconfig portsentry on
\n# chkconfig portsentry –list
\nportsentry 0:off 1:off 2:on 3:on 4:on 5:on 6:off
\n[\/bash]\n

\u30db\u30ef\u30a4\u30c8\u30ea\u30b9\u30c8\u8a2d\u5b9a<\/h4>\n

\u30db\u30ef\u30a4\u30c8\u30ea\u30b9\u30c8\u8a2d\u5b9a\u3092\u884c\u3044\u307e\u3059\u3002
\n\u3053\u306eIP\u306a\u3089nmap\u3092\u3046\u3063\u3066\u304d\u3066\u3082BAN\u3057\u307e\u305b\u3093\u3068\u3044\u3046\u8a2d\u5b9a\u3067\u3059\u3002<\/p>\n[bash]\n# vi \/etc\/portsentry\/portsentry.ignore<\/p>\n

# If you don’t supply a netmask it is assumed to be 32 bits.
\n#
\n#<\/p>\n

127.0.0.1\/32
\n0.0.0.0
\n122.xxx.yyy.zzz\u2190\u9664\u5916\u3055\u308c\u308bIP\u3092\u8ffd\u52a0\u3057\u307e\u3059\u3002(\u4f1a\u793e\u306eIP\u3092\u8ffd\u52a0\u3057\u307e\u3057\u305f\u3002)
\n122.aaa.bbb.179\u2190\u67d0\u7fa4\u99ac\u652f\u793e\u306eIP\u3092\u8ffd\u52a0\u3057\u307e\u3057\u305f\u3002
\n#########################################
\n# Do NOT edit below this line, if you #
\n[\/bash]\n

 <\/p>\n[bash]\n# service portsentry restart
\nStopping portsentry: [ OK ]\nStarting portsentry -atcp: [ OK ]\nStarting portsentry -audp: [ OK ]\n[\/bash]\n

\u8d77\u52d5\u3057\u3066\u308b\u304b\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n

# ps ax | grep port
\n16092 ? Ss 0:00 \/usr\/sbin\/portsentry -atcp
\n16094 ? Ss 0:00 \/usr\/sbin\/portsentry -audp
\n16113 pts\/0 S+ 0:00 grep port<\/p>\n

\u5143\u6c17\u306b\u52d5\u3044\u3066\u3044\u307e\u3059\u306d\u3002<\/p>\n

Nmap\u3067\u3055\u304f\u3089VPS\u306b\u30dd\u30fc\u30c8\u30b9\u30ad\u30e3\u30f3\u3092\u884c\u3044BAN\u3055\u308c\u3066\u307f\u307e\u3059<\/h4>\n

\u3044\u304f\u3064\u304b\u30ed\u30b0\u30a4\u30f3\u51fa\u6765\u308b\u3088\u3046\u306b\u30db\u30ef\u30a4\u30c8\u30ea\u30b9\u30c8(\u547d\u7db1)\u3092\u8a2d\u5b9a\u3057\u3066\u304a\u3053\u3046\u3002
\n\u3082\u3057\u547d\u7db1\u306a\u3057\u3067\u30ed\u30b0\u30a4\u30f3\u304c\u51fa\u6765\u306a\u304f\u306a\u3063\u305f\u3089\u30cd\u30c3\u30c8\u30ab\u30d5\u30a7\u306b\u3067\u3082\u99c6\u3051\u8fbc\u307f\u307e\u3057\u3087\u3046\u3002<\/p>\n[bash]\n

\u25cb\u30db\u30ef\u30a4\u30c8\u30ea\u30b9\u30c8\u306e\u89e3\u9664\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n

# vi \/etc\/portsentry\/portsentry.ignore<\/p>\n

# If you don’t supply a netmask it is assumed to be 32 bits.
\n#
\n#<\/p>\n

127.0.0.1\/32
\n0.0.0.0
\n#122.xxx.yyy.zzz\u2190\u4f1a\u793e\u306eIP\u3092\u30db\u30ef\u30a4\u30c8\u30ea\u30b9\u30c8\u7121\u52b9\u306b\u3057\u307e\u3057\u305f\u3002
\n122.aaa.bbb.179
\n#########################################
\n# Do NOT edit below this line, if you #
\n[\/bash]\n

\u518d\u8d77\u52d5\u3067\u8aad\u307f\u8fbc\u307e\u305b\u307e\u3059\u3002<\/p>\n[bash]\n# service portsentry restart
\nStopping portsentry: [ OK ]\nStarting portsentry -atcp: [ OK ]\nStarting portsentry -audp: [ OK ]\n[\/bash]\n

\"kali
\nKali Linux\u3092\u4f7f\u3063\u3066Nmap\u30dd\u30fc\u30c8\u30b9\u30ad\u30e3\u30f3\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n

\u25a0 \u7d50\u679c
\nportsentry\u3092\u5165\u308c\u305f\u30b5\u30fc\u30d0\u306b\u306f\u30dd\u30fc\u30c8\u30b9\u30ad\u30e3\u30f3\u3067\u304d\u307e\u305b\u3093
\nSSH\u306e\u63a5\u7d9a\u3082\u65ad\u7d76\u3055\u308c\u307e\u3057\u305f\u3002<\/p>\n

\u5fa9\u65e7\u65b9\u6cd5<\/h4>\n

\"BAN
\n\u4eca\u56de\u306f\u3055\u304f\u3089VPS\u306e\u30b3\u30f3\u30bd\u30fc\u30eb\u304b\u3089\u30ed\u30b0\u30a4\u30f3\u3057\u3066<\/p>\n

Tcp Wrapper\u3092\u7de8\u96c6\u3057\u307e\u3059\u3002<\/p>\n[bash]\n# vi \/etc\/hosts.deny
\n[\/bash]\n

\"TCP
\nBAN\u30ea\u30b9\u30c8\u306b\u4f1a\u793e\u306e\u30b0\u30ed\u30fc\u30d0\u30ebIP\u304c\u8ffd\u52a0\u3055\u308c\u3066\u3057\u307e\u3063\u3066\u3044\u308b\u306e\u3067\u6d88\u3057\u307e\u3059\u3002<\/p>\n

\u3053\u308c\u3067\u518d\u8d77\u52d5\u3092\u884c\u3046\u3068\u89e3\u9664\u3055\u308c\u307e\u3059\u3002<\/p>\n[bash]\n# reboot now
\n[\/bash]\n","protected":false},"excerpt":{"rendered":"

\u6620\u753b\u300e\u30de\u30c8\u30ea\u30af\u30b9\u300f\u306e\u30af\u30e9\u30c3\u30ad\u30f3\u30b0(\u30cf\u30c3\u30ad\u30f3\u30b0)\u306b\u3082\u4f7f\u308f\u308c\u305fNmap Nmap\u3063\u3066\u306a\u3093\u3060\u308d\u3046\uff1f \u30b5\u30fc\u30d0\u30fc\u306e\u30dd\u30fc\u30c8\u304c\u3069\u3046\u306a\u3063\u3066\u3044\u308b\u304b\u3092\u63a2\u7d22\u3059\u308b\u30dd\u30fc\u30c8\u30b9\u30ad\u30e3\u30f3\u30c4\u30fc\u30eb\u3067\u3059\u3002 \u672c\u6765\u306f\u81ea\u8eab\u306e\u30b5\u30fc\u30d0\u306e\u30dd\u30fc\u30c8\u72b6\u6cc1\u3092\u77e5\u308b\u305f\u3081\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30c4\u30fc\u30eb\u3067\u3059\u304c \u3069\u3053\u304b\u3089\u4fb5\u5165\u3057\u3088 […]<\/p>\n","protected":false},"author":3,"featured_media":2123,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,20],"tags":[],"_links":{"self":[{"href":"https:\/\/sys-guard.com\/wp-json\/wp\/v2\/posts\/2110"}],"collection":[{"href":"https:\/\/sys-guard.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sys-guard.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sys-guard.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/sys-guard.com\/wp-json\/wp\/v2\/comments?post=2110"}],"version-history":[{"count":0,"href":"https:\/\/sys-guard.com\/wp-json\/wp\/v2\/posts\/2110\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sys-guard.com\/wp-json\/wp\/v2\/media\/2123"}],"wp:attachment":[{"href":"https:\/\/sys-guard.com\/wp-json\/wp\/v2\/media?parent=2110"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sys-guard.com\/wp-json\/wp\/v2\/categories?post=2110"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sys-guard.com\/wp-json\/wp\/v2\/tags?post=2110"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}