Tarea-1 Redes

Máquina Debian 11

Maquina Debian 11

uname -a

Linux debian11 5.10.0-11-amd64 #1 SMP Debian 5.10.92-1 (2022-01-18) x86_64 GNU/Linux

cat /etc/os-release

PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

cat /etc/debian_version /etc/redhat-release

11.2

lsmod

lsmod file

ps afx

ps afx file

hostname -I

10.0.2.15 192.168.56.102

ip addr

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:90:99:ad brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3
valid_lft 85686sec preferred_lft 85686sec
inet6 fe80::a00:27ff:fe90:99ad/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: enp0s8: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:27:1f:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.102/24 brd 192.168.56.255 scope global dynamic enp0s8
valid_lft 413sec preferred_lft 413sec
inet6 fe80::a00:27ff:fe27:1f16/64 scope link
valid_lft forever preferred_lft forever

ip route show

default via 10.0.2.2 dev enp0s3 proto dhcp metric 100
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100
169.254.0.0/16 dev enp0s3 scope link metric 1000
192.168.56.0/24 dev enp0s8 proto kernel scope link src 192.168.56.102

cat /etc/resolv.conf

# Generated by NetworkManager
nameserver 192.168.1.254

netstat -ntulp

(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp 0 0 0.0.0.0:41980 0.0.0.0:* -
udp 0 0 0.0.0.0:68 0.0.0.0:* -
udp6 0 0 :::5353 :::* -
udp6 0 0 :::48489 :::* -

ping -c 4 1.1.1.1

PING 1.1.1.1 (1.1.1.1): 56 data bytes
64 bytes from 1.1.1.1: icmp_seq=0 ttl=63 time=41.666 ms
64 bytes from 1.1.1.1: icmp_seq=1 ttl=63 time=34.313 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=63 time=69.234 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=63 time=38.736 ms
--- 1.1.1.1 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 34.313/45.987/69.234/13.674 ms

dig example.com

; <<>> DiG 9.16.22-Debian <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14312
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 20042 IN A 93.184.216.34
;; Query time: 8 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Mon Feb 28 19:33:35 CST 2022
;; MSG SIZE rcvd: 56

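Privilegios del usuario normal

El usuario `carlos` pertenece al grupo `sudo` y la salida de `sudo -l` de esta sección muestra `(ALL : ALL) NOPASSWD: ALL`: puede ejecutar cualquier comando como root sin contraseña, de modo que cualquier proceso que corra con esta cuenta equivale en la práctica a root. Es una comodidad aceptable en una máquina virtual de laboratorio como esta, pero no en un equipo compartido o expuesto a la red.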

$ getent passwd ${USER}

carlos:x:1000:1000:Carlos,,,:/home/carlos:/bin/bash

$ id

uid=1000(carlos) gid=1000(carlos) groups=1000(carlos),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),109(netdev),113(bluetooth),119(scanner),997(wireshark)

$ groups

carlos cdrom floppy sudo audio dip video plugdev netdev bluetooth scanner wireshark

$ sudo -l

Matching Defaults entries for carlos on debian11:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin
User carlos may run the following commands on debian11:
(ALL : ALL) NOPASSWD: ALL

$ sudo -i

root@debian11:~#

Herramientas instaladas:

which wireshark tcpdump nmap netcat-openbds ngrep dsniff wget curl whois dnsutils net-tools iproute2 iptables iptables-persistent tsocks inetutils-ping inetutils-traceroute inetutils-tools ethtool

/usr/bin/wireshark
/usr/bin/tcpdump
/usr/bin/nmap
/usr/bin/ngrep
/usr/bin/wget
/usr/bin/curl
/usr/bin/whois
/usr/bin/tsocks
/usr/bin/inetutils-traceroute

whereis wireshark tcpdump nmap netcat-openbds ngrep dsniff wget curl whois dnsutils net-tools iproute2 iptables iptables-persistent tsocks inetutils-ping inetutils-traceroute inetutils-tools ethtool

wireshark: /usr/bin/wireshark /usr/lib/x86_64-linux-gnu/wireshark /etc/wireshark /usr/share/wireshark /usr/share/man/man1/wireshark.1.gz
tcpdump: /usr/bin/tcpdump /usr/share/man/man8/tcpdump.8.gz
nmap: /usr/bin/nmap /usr/share/nmap /usr/share/man/man1/nmap.1.gz
netcat-openbds: /usr/bin/nc.traditional /usr/bin/nc /usr/bin/nc.openbsd /usr/share/man/man1/nc.1.gz
ngrep: /usr/bin/ngrep /usr/share/man/man8/ngrep.8.gz
dsniff: /usr/sbin/dsniff /usr/share/dsniff /usr/share/man/man8/dsniff.8.gz
wget: /usr/bin/wget /usr/share/man/man1/wget.1.gz /usr/share/info/wget.info.gz
curl: /usr/bin/curl /usr/share/man/man1/curl.1.gz
whois: /usr/bin/whois /usr/share/man/man1/whois.1.gz
iproute2: /etc/iproute2 /usr/include/iproute2
iptables: /usr/sbin/iptables /etc/iptables /usr/share/iptables /usr/share/man/man8/iptables.8.gz
iptables-persistent:
tsocks: /usr/bin/tsocks /etc/tsocks.conf /usr/share/man/man1/tsocks.1.gz /usr/share/man/man8/tsocks.8.gz
inetutils-ping:
inetutils-traceroute: /usr/bin/inetutils-traceroute /usr/share/man/man1/inetutils-traceroute.1.gz
inetutils-tools:
ethtool: /usr/sbin/ethtool /usr/share/man/man8/ethtool.8.gz

Máquina CentOS Stream 8

Maquina CentOS8

uname -a

Linux localhost.localdomain 4.18.0-365.el8.x86_64 #1 SMP Thu Feb 10 16:11:23 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

cat /etc/os-release

NAME="CentOS Stream"
VERSION="8"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Stream 8"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_SUPPORT_PRODUCT_VERSION="CentOS Stream"

cat /etc/redhat-release

CentOS Stream release 8

lsmod

lsmod file

ps afx

ps afx file

hostname -I

10.0.2.15 192.168.56.103 192.168.122.1

ip addr

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:de:10:70 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute enp0s3
valid_lft 85907sec preferred_lft 85907sec
inet6 fe80::a00:27ff:fede:1070/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: enp0s8: mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:5d:22:24 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.103/24 brd 192.168.56.255 scope global dynamic noprefixroute enp0s8
valid_lft 407sec preferred_lft 407sec
inet6 fe80::a00:27ff:fe5d:2224/64 scope link
valid_lft forever preferred_lft forever
4: virbr0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 52:54:00:d9:1b:20 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever

ip route show

default via 10.0.2.2 dev enp0s3 proto dhcp metric 100
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 metric 100
192.168.56.0/24 dev enp0s8 proto kernel scope link src 192.168.56.103 metric 101
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

cat /etc/resolv.conf

# Generated by NetworkManager
nameserver 192.168.1.254

netstat -ntulp

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
tcp6 0 0 :::111 :::* LISTEN -
udp 0 0 0.0.0.0:111 0.0.0.0:* -
udp 0 0 0.0.0.0:32902 0.0.0.0:* -
udp 0 0 0.0.0.0:5353 0.0.0.0:* -
udp 0 0 127.0.0.1:323 0.0.0.0:* -
udp 0 0 192.168.122.1:53 0.0.0.0:* -
udp 0 0 0.0.0.0:67 0.0.0.0:* -
udp6 0 0 :::111 :::* -
udp6 0 0 :::5353 :::* -
udp6 0 0 ::1:323 :::* -
udp6 0 0 :::49214 :::* -

ping -c 4 1.1.1.1

PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=63 time=37.4 ms
64 bytes from 1.1.1.1: icmp_seq=2 ttl=63 time=37.4 ms
64 bytes from 1.1.1.1: icmp_seq=3 ttl=63 time=43.6 ms
64 bytes from 1.1.1.1: icmp_seq=4 ttl=63 time=37.5 ms
--- 1.1.1.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3011ms
rtt min/avg/max/mdev = 37.392/38.995/43.628/2.678 ms

dig example.com

; <<>> DiG 9.11.36-RedHat-9.11.36-2.el8 <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32186
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 18576 IN A 93.184.216.34
;; Query time: 11 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Mon Feb 28 20:00:22 CST 2022
;; MSG SIZE rcvd: 56

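Privilegios del usuario normal

El usuario `carlos` pertenece al grupo `wheel` y la salida de `sudo -l` de esta sección muestra `(ALL) NOPASSWD: ALL`: puede ejecutar cualquier comando como root sin contraseña, de modo que cualquier proceso que corra con esta cuenta equivale en la práctica a root. Es una comodidad aceptable en una máquina virtual de laboratorio como esta, pero no en un equipo compartido o expuesto a la red.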

$ getent passwd ${USER}

carlos:x:1000:1000:Carlos:/home/carlos:/bin/bash

$ id

uid=1000(carlos) gid=1000(carlos) groups=1000(carlos),10(wheel),972(wireshark) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

$ groups

carlos wheel wireshark

$ sudo -l

Matching Defaults entries for carlos on localhost:
!visiblepw, always_set_home, match_group_by_gid, always_query_group_plugin, env_reset,
env_keep="COLORS DISPLAY HOSTNAME HISTSIZE KDEDIR LS_COLORS",
env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE",
env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES",
env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE",
env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY",
secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin
User carlos may run the following commands on localhost:
(ALL) NOPASSWD: ALL

$ sudo -i

[root@localhost ~]#

Herramientas instaladas:

which wireshark tcpdump nmap netcat-openbds ngrep dsniff wget curl whois dnsutils net-tools iproute2 iptables iptables-persistent tsocks inetutils-ping inetutils-traceroute inetutils-tools ethtool

/usr/bin/wireshark
/usr/sbin/tcpdump
/usr/bin/nmap
/usr/bin/which: no netcat-openbds in (/home/carlos/.local/bin:/home/carlos/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin)
/usr/sbin/ngrep
/usr/sbin/dsniff
/usr/bin/wget
/usr/bin/curl
/usr/bin/whois
/usr/bin/which: no dnsutils in (/home/carlos/.local/bin:/home/carlos/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin)
/usr/bin/which: no net-tools in (/home/carlos/.local/bin:/home/carlos/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin)
/usr/bin/which: no iproute2 in (/home/carlos/.local/bin:/home/carlos/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin)
/usr/sbin/iptables
/usr/bin/which: no iptables-persistent in (/home/carlos/.local/bin:/home/carlos/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin)
/usr/bin/which: no tsocks in (/home/carlos/.local/bin:/home/carlos/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin)
/usr/bin/which: no inetutils-ping in (/home/carlos/.local/bin:/home/carlos/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin)
/usr/bin/which: no inetutils-traceroute in (/home/carlos/.local/bin:/home/carlos/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin)
/usr/bin/which: no inetutils-tools in (/home/carlos/.local/bin:/home/carlos/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin)
/usr/sbin/ethtool

whereis wireshark tcpdump nmap netcat-openbds ngrep dsniff wget curl whois dnsutils net-tools iproute2 iptables iptables-persistent tsocks inetutils-ping inetutils-traceroute inetutils-tools ethtool

wireshark: /usr/bin/wireshark /usr/lib64/wireshark /usr/share/wireshark /usr/share/man/man1/wireshark.1.gz
tcpdump: /usr/sbin/tcpdump /usr/share/man/man8/tcpdump.8.gz
nmap: /usr/bin/nmap /usr/share/nmap /usr/share/man/man1/nmap.1.gz
ngrep: /usr/sbin/ngrep /usr/share/man/man8/ngrep.8.gz
dsniff: /usr/sbin/dsniff /etc/dsniff /usr/share/man/man8/dsniff.8.gz
wget: /usr/bin/wget /usr/share/man/man1/wget.1.gz /usr/share/info/wget.info.gz
curl: /usr/bin/curl /usr/share/man/man1/curl.1.gz
whois: /usr/bin/whois.md /usr/bin/whois /etc/whois.conf /usr/share/man/man1/whois.1.gz
iproute2: /etc/iproute2
iptables: /usr/sbin/iptables /usr/libexec/iptables /usr/share/man/man8/iptables.8.gz
ethtool: /usr/sbin/ethtool /usr/share/man/man8/ethtool.8.gz