On the client (IP address): 10.10.10.12
- I boot into
frenzy_v03_release
- kldstat shows
nothing
- ps -axuww shows
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 12 99,0 0,0 0 12 ?? RL ЮФ07 1647:11,25 (idle: cpu0)
root 11 99,0 0,0 0 12 ?? RL ЮФ07 1645:00,76 (idle: cpu1)
root 1 0,0 0,1 1084 652 ?? ILs ЮФ07 0:00,02 /sbin/init --
root 13 0,0 0,0 0 12 ?? WL ЮФ07 0:00,61 (irq1: atkbd0)
root 17 0,0 0,0 0 12 ?? WL ЮФ07 0:00,00 (irq6: fdc0)
root 20 0,0 0,0 0 12 ?? WL ЮФ07 0:00,30 (irq9: acpi0)
root 23 0,0 0,0 0 12 ?? WL ЮФ07 0:05,90 (irq12: psm0)
root 25 0,0 0,0 0 12 ?? WL ЮФ07 0:08,58 (irq14: ata0)
root 34 0,0 0,0 0 12 ?? WL ЮФ07 0:00,18 (irq23: fxp2)
root 35 0,0 0,0 0 12 ?? WL ЮФ07 0:00,00 (irq24: sym0)
root 44 0,0 0,0 0 12 ?? WL ЮФ07 2:19,41 (swi8: tty:sio clock)
root 46 0,0 0,0 0 12 ?? WL ЮФ07 0:00,08 (swi1: net)
root 2 0,0 0,0 0 12 ?? DL ЮФ07 0:04,26 (g_event)
root 3 0,0 0,0 0 12 ?? DL ЮФ07 0:25,46 (g_up)
root 4 0,0 0,0 0 12 ?? DL ЮФ07 0:04,55 (g_down)
root 47 0,0 0,0 0 12 ?? DL ЮФ07 0:04,38 (random)
root 5 0,0 0,0 0 12 ?? DL ЮФ07 0:00,00 (taskqueue)
root 50 0,0 0,0 0 12 ?? WL ЮФ07 0:00,00 (swi7: acpitaskq)
root 52 0,0 0,0 0 12 ?? WL ЮФ07 0:00,00 (swi3: cambio)
root 53 0,0 0,0 0 12 ?? WL ЮФ07 0:00,03 (swi7: task queue)
root 6 0,0 0,0 0 12 ?? IL ЮФ07 0:00,00 (acpi_task0)
root 7 0,0 0,0 0 12 ?? IL ЮФ07 0:00,00 (acpi_task1)
root 8 0,0 0,0 0 12 ?? IL ЮФ07 0:00,00 (acpi_task2)
root 9 0,0 0,0 0 12 ?? DL ЮФ07 0:00,01 (md0)
root 55 0,0 0,0 0 12 ?? DL ЮФ07 0:00,09 (pagedaemon)
root 56 0,0 0,0 0 12 ?? DL ЮФ07 0:00,00 (vmdaemon)
root 57 0,0 0,0 0 12 ?? DL ЮФ07 0:02,59 (pagezero)
root 58 0,0 0,0 0 12 ?? DL ЮФ07 0:00,47 (bufdaemon)
root 59 0,0 0,0 0 12 ?? DL ЮФ07 0:02,16 (syncer)
root 60 0,0 0,0 0 12 ?? DL ЮФ07 0:00,38 (vnlru)
root 61 0,0 0,0 0 12 ?? IL ЮФ07 0:00,00 (nfsiod 0)
root 62 0,0 0,0 0 12 ?? IL ЮФ07 0:00,00 (nfsiod 1)
root 63 0,0 0,0 0 12 ?? IL ЮФ07 0:00,00 (nfsiod 2)
root 64 0,0 0,0 0 12 ?? IL ЮФ07 0:00,00 (nfsiod 3)
root 69 0,0 0,0 0 12 ?? DL ЮФ07 0:00,02 (md1)
root 72 0,0 0,0 0 12 ?? DL ЮФ07 0:00,00 (md2)
root 75 0,0 0,0 0 12 ?? DL ЮФ07 0:00,04 (md3)
root 78 0,0 0,0 0 12 ?? DL ЮФ07 0:00,01 (md4)
root 81 0,0 0,0 0 12 ?? DL ЮФ07 0:02,02 (md5)
root 87 0,0 0,0 0 12 ?? DL ЮФ07 0:00,02 (md6)
root 95 0,0 0,0 0 12 ?? DL ЮФ07 0:00,06 (md7)
root 103 0,0 0,0 0 12 ?? DL ЮФ07 0:00,04 (md8)
root 111 0,0 0,0 0 12 ?? DL ЮФ07 0:00,00 (md9)
root 305 0,0 0,1 1180 536 ?? Is ЮФ07 0:00,00 adjkerntz -i
root 428 0,0 0,1 1304 724 ?? Is ЮФ07 0:00,18 /usr/sbin/syslogd -s
root 594 0,0 0,1 1320 836 ?? Is ЮФ07 0:00,14 /usr/sbin/cron
root 677 0,0 0,1 1220 608 ?? Ss ЮФ07 0:40,90 moused -3 -r high -t auto -p /dev/psm0
root 683 0,0 0,1 1648 1164 v0 Is ЮФ07 0:00,03 login [pam] (login)
root 684 0,0 0,1 1648 1256 v1 Is ЮФ07 0:00,02 login [pam] (login)
root 685 0,0 0,1 1276 736 v2 Is+ ЮФ07 0:00,00 /usr/libexec/getty Pc ttyv2
root 686 0,0 0,1 1276 736 v3 Is+ ЮФ07 0:00,00 /usr/libexec/getty Pc ttyv3
root 687 0,0 0,1 1276 736 v4 Is+ ЮФ07 0:00,00 /usr/libexec/getty Pc ttyv4
root 688 0,0 0,1 1276 736 v5 Is+ ЮФ07 0:00,00 /usr/libexec/getty Pc ttyv5
root 689 0,0 0,1 1276 736 v6 Is+ ЮФ07 0:00,00 /usr/libexec/getty Pc ttyv6
root 690 0,0 0,1 1276 736 v7 Is+ ЮФ07 0:00,00 /usr/libexec/getty Pc ttyv7
root 691 0,0 0,2 2464 1764 v0 S ЮФ07 0:00,18 -tcsh (tcsh)
root 1385 0,0 0,2 2448 1680 v1 I+ 7:55 0:00,06 -tcsh (tcsh)
root 0 0,0 0,0 0 4 ?? DLs ЮФ07 0:00,08 (swapper)
root 1737 0,0 0,1 1404 820 v0 R+ 10:36 0:00,00 ps axuww
root 10 0,0 0,0 0 12 ?? DL ЮФ07 0:00,00 (ktrace)
- showmount shows
RPC: Port mapper failure showmount: can't do mount dump rpc
- rpcinfo shows
can't contact rpcbind: RPC Port mapper failure RPC Sucess
- nmap against the server machine shows
PORT STATE SERVICE VERSION
22/TCP open ssh
111/TCP open rpcbind (rpcbind v2-4) 2-4(rpc #100000)
111/UDP open rpcbind (rpcbind v2-4) 2-4(rpc #100000)
514/UDP open syslog
862/UDP open rpcbind (rpcbind v2-4) 2-4(rpc #100000)
888/TCP open accessbuilder
1006/UDP open mountd (mountd v1-3) 1-3(rpc #100005)
2049/TCP open nfd (nfd v2-3) 2-3(rpc #100003)
2049/UDP open nfd (nfd v2-3) 2-3(rpc #100003)
- traceroute to the server machine
traceroute to 10.10.10.11 (10.10.10.11), 64 hops max, 44 byte packets
1 10.10.10.11 (10.10.10.11) 0.625 ms 0.574 ms 0.771 ms
- nslookup server.domain
the network consists of 3 computers; there is no DNS server
On the server (IP address): 10.10.10.11
- /etc/exports
/home -alldirs 10.10.10.12 10.10.10.13
- firewall
none
- /etc/hosts.allow
# Start by allowing everything (this prevents the rest of the file
# from working, so remove it when you need protection).
# The rules here work on a "First match wins" basis.
ALL : ALL : allow
# Wrapping sshd(8) is not normally a good idea, but if you
# need to do it, here's how
#sshd : .evil.cracker.example.com : deny
# Protect against simple DNS spoofing attacks by checking that the
# forward and reverse records for the remote host match. If a mismatch
# occurs, access is denied, and any positive ident response within
# 20 seconds is logged. No protection is afforded against DNS poisoning,
# IP spoofing or more complicated attacks. Hosts with no reverse DNS
# pass this rule.
ALL : PARANOID : RFC931 20 : deny
# Allow anything from localhost. Note that an IP address (not a host
# name) *MUST* be specified for portmap(8).
ALL : localhost 127.0.0.1 : allow
ALL : my.machine.example.com 192.0.2.35 : allow
# To use IPv6 addresses you must enclose them in []'s
ALL : [fe80::%fxp0]/10 : allow
ALL : [fe80::]/10 : deny
ALL : [3ffe:fffe:2:1:2:3:4:3fe1] : deny
ALL : [3ffe:fffe:2:1::]/64 : allow
# Sendmail can help protect you against spammers and relay-rapers
sendmail : localhost : allow
sendmail : .nice.guy.example.com : allow
sendmail : .evil.cracker.example.com : deny
sendmail : ALL : allow
# Exim is an alternative to sendmail, available in the ports tree
exim : localhost : allow
exim : .nice.guy.example.com : allow
exim : .evil.cracker.example.com : deny
exim : ALL : allow
# Portmapper is used for all RPC services; protect your NFS!
# (IP addresses rather than hostnames *MUST* be used here)
portmap : 192.0.2.32/255.255.255.224 : allow
portmap : 192.0.2.96/255.255.255.224 : allow
portmap : ALL : deny
# Provide a small amount of protection for ftpd
ftpd : localhost : allow
ftpd : .nice.guy.example.com : allow
ftpd : .evil.cracker.example.com : deny
# You need to be clever with finger; do _not_ backfinger!! You can easily
# start a "finger war".
fingerd : ALL \
: spawn (echo Finger. | \
/usr/bin/mail -s "tcpd\: %u@%h[%a] fingered me!" root) & \
: deny
# The rest of the daemons are protected.
ALL : ALL \
: severity auth.info \
: twist /bin/echo "You are not welcome to use %d from %h."
- traceroute to the server machine
traceroute to 10.10.10.12 (10.10.10.12), 64 hops max, 44 byte packets
1 10.10.10.12 (10.10.10.12) 0.725 ms 0.674 ms 0.671 ms
- nmap against the client machine
the port is not built
- nslookup client.domain
the network consists of 3 computers; there is no DNS server