2017-2018-2 20155206 《网络对抗技术》 实验六:信息搜集与漏洞扫描
基础问题回答
、 哪些组织负责DNS,IP的管理。
、 全球根服务器均由美国政府授权的ICANN统一管理,负责全球的域名根服务器、DNS和IP地址管理。全球根域名服务器:绝大多数在欧洲和北美(全球 13台,用A~M编号),中国仅拥有镜像服务器(备份)。全球一共有5个地区性注册机构:ARIN主要负责北美地区业务,RIPE主要负责欧洲地区业务,APNIC主要负责亚太地区业务,LACNIC主要负责拉丁美洲美洲业务,AfriNIC负责非洲地区业务。
、 什么是3R信息。
、 注册人(Registrant)、注册商(Registrar)、官方注册局(Registry)
、 评价下扫描结果的准确性。
、 较为准确。
使用whois域名注册信息查询
、 我们可以很清楚地看到要查找的3R注册信息,包括注册人的组织和城市等信息。
、 值得注意的是进行whois查询时要去掉www等前缀否则可能查询不到。
、 查询结果
`Domain Name: CNBLOGS.COM
Registry Domain ID: 106507487_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.35.com
Registrar URL: http://www.35.com
Updated Date: 2017-02-21T01:51:06Z
Creation Date: 2003-11-12T03:16:35Z
Registry Expiry Date: 2021-11-12T03:16:35Z
Registrar: Xiamen 35.Com Technology Co., Ltd.
Registrar IANA ID: 1316
Registrar Abuse Contact Email: abuse@35.cn
Registrar Abuse Contact Phone: +86.5925391800
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: NS3.DNSV4.COM
Name Server: NS4.DNSV4.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
Last update of whois database: 2018-05-07T03:43:55Z <<<
For more information on Whois status codes, please visit https://icann.org/epp
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
Domain Name: cnblogs.com
Registry Domain ID: 106507487_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.35.com
Registrar URL: http://www.35.com
Updated Date: 2016-10-23T22:59:39Z
Creation Date: 2003-11-11T04:00:00Z
Registrar Registration Expiration Date: 2021-11-11T04:00:00Z
Registrar: 35 Technology Co., Ltd.
Registrar IANA ID: 1316
Registrar Abuse Contact Email: abuse@35.cn
Registrar Abuse Contact Phone: +86.5925391800
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Registry Registrant ID: Not Available From Registry
Registrant Name: du yong
Registrant Organization: du yong
Registrant Street: 405, Building No.5, Heshan Street No.369, Xihu District
Registrant City: Hangzhou
Registrant State/Province: Zhejiang
Registrant Postal Code: 310024
Registrant Country: CN
Registrant Phone: +86.057188079867
Registrant Phone Ext:
Registrant Fax: +86.057188079867
Registrant Fax Ext:
Registrant Email: dudu.yz@gmail.com
Registry Admin ID: Not Available From Registry
Admin Name: du yong
Admin Organization: du yong
Admin Street: 405, Building No.5, Heshan Street No.369, Xihu District
Admin City: Hangzhou
Admin State/Province: Zhejiang
Admin Postal Code: 310024
Admin Country: CN
Admin Phone: +86.057188079867
Admin Phone Ext:
Admin Fax: +86.057188079867
Admin Fax Ext:
Admin Email: dudu.yz@gmail.com
Registry Tech ID: Not Available From Registry
Tech Name: du yong
Tech Organization: du yong
Tech Street: 405, Building No.5, Heshan Street No.369, Xihu District
Tech City: Hangzhou
Tech State/Province: Zhejiang
Tech Postal Code: 310024
Tech Country: CN
Tech Phone: +86.057188079867
Tech Phone Ext:
Tech Fax: +86.057188079867
Tech Fax Ext:
Tech Email: dudu.yz@gmail.com
Name Server: ns3.dnsv4.com
Name Server: ns4.dnsv4.com
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form:
https://www.icann.org/wicf/
Last update of WHOIS database: 2016-10-23T22:59:39Z <<<
For more information on Whois status codes, please visit https://icann.org/epp
This data is provided by 35 Technology Co., Ltd.
for information purposes, and to assist persons obtaining information
about or related to domain name registration records.
35 Technology Co., Ltd. does not guarantee its accuracy.
By submitting a WHOIS query, you agree that you will use this data
only for lawful purposes and that, under no circumstances, you will
use this data to
- allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via E-mail
(spam); or - enable high volume, automated, electronic processes that apply
to this WHOIS server.
These terms may be changed without prior notice.
By submitting this query, you agree to abide by this policy.
`
、 通过域名Whois查询 - 站长之家进行查询
使用nslookup和dig进行域名查询
、 通过dig命令或nslookup命令可以得到网址对应的ip地址
但是nslookup可以得到DNS解析服务器保存的Cache的结果,并不一定准确。dig可以从官方DNS服务器上查询精确的结果。
、 查询了百度与博客园的域名,都可以正常访问
使用netcraft提供的信息查询服务
IP2反域名查询
、 可以看到ip-adress.com提供的位置信息和百度地图提供的位置信息相符
、 besti.edu.cn与地图提供的位置相符
、cnblogs.cn的位置不明白是个什么鬼
traceroute命令进行路由侦查
、 这5条信息依次代表了生存时间、三次发送的ICMP包返回时间和途经路由器的IP地址。其中*的信息表示该次ICMP包返回时间超时。
nmap
-O
、 -O 识别操作系统
-sn
、 -sn 来寻找活跃主机
-sS
、 -sS tcp扫描
-sU
、 -sU udp扫描
漏洞扫描
、 首先安装openvas,并配置完成
进行漏洞扫描
