atsec information security
www.atsec.com
Email: info_cn@atsec.com

Commission Contract for External Security Scan

This form guides you in gathering the basic information that atsec needs in order to provide you with an external security scan service (equivalent to the ASV scan defined by the PCI Security Standards Council).

Please complete this form and submit it via email or fax. If you have concerns about sharing proprietary information, please contact us to set up an NDA and appropriate transaction security before submitting the form to us.
Basic Information
Company name:
Contact name:
Contact position:
Address:
City:
State:
Country:
Zip/Postal code:
Email:
Phone:
Company website:
* Note: Please provide the above information in English (Chinese may be provided in addition) in order to generate the ASV report for you.
Detailed Network Information
List the Internet-facing IP addresses which need to be scanned (this includes DNS servers, web servers, application servers, firewalls, external routers, and mail servers).
Are any DNS servers, web servers, application servers, firewalls, external routers, or mail servers provided for you by third parties (service providers)?
Quarter 1: Month / Day / Hour / Minute
Quarter 2: Month / Day / Hour / Minute
Quarter 3: Month / Day / Hour / Minute
Quarter 4: Month / Day / Hour / Minute
Use domain-based virtual hosting?
Are any intrusion detection/prevention systems in front of the systems to be scanned?
Service Period: ___ year(s) (Number of years)
Total price: _____ Chinese Yuan / USD
Payment Plan: Pay 100% within 10 days after the contract is signed.
Acceptance of the Contract
Company Name:
Signature:
Company Seal:
Date:
Please complete and sign this agreement, and submit it by the following method:
Submit the scanned copy to email: info_cn@atsec.com, or fax: +86 10 82890017

Terms and Conditions
The following Terms and Conditions apply to the Assessment Service Agreement between atsec information security ("atsec") and the entrusting customer ("the Customer") as identified in the Assessment Service Agreement. The term PCI SSC means the PCI Security Standards Council, LLC. The term assessment program means the compliance program(s) defined by the payment card brands (American Express, Discover, Visa, Mastercard and JCB) as selected in the Assessment Service Agreement.
Services: atsec agrees to provide, and the Customer agrees to accept, the external security scan service according to the information filled in above. Additional Work Statements shall be added as needed. All Work Statements shall be signed by the Customer and are subject to this Agreement.
Method of Performing Services: atsec shall have the right to determine the method, details, and means of performing the work to be performed for the Customer.
Place of Work: atsec will execute the external security scan remotely.
Customer Representative: The Customer Representative will be responsible for providing full information and feedback for the Project and for ensuring that atsec invoices and expense reports are paid in a timely manner. The Customer Representative will serve as the voice of the Customer and will be considered by atsec to have final, authoritative decision-making ability as needed for the Project.
Term: The term of this Agreement shall commence on the Effective Date and shall continue for the period set forth in the section of commercial conditions above, and thereafter for as long as the Customer seeks or obtains services from atsec. Term extensions shall be made with the Customer's written notice.
Termination: This Agreement may be terminated by either party upon written notice if the other party breaches any obligation provided hereunder and the breaching party fails to cure such breach within a thirty (30) day period after receipt of written notice of breach from the non-breaching party; provided that the cure period for any failure of the Customer to pay fees and charges due hereunder shall be fifteen (15) days from the date of receipt by the Customer of notice of such failure. If no breach has occurred, the Customer may terminate the contract upon full payment of the unpaid fee balance plus the retainer amount through the end of the contract term.
Fees: This fixed-price agreement shall be invoiced based on the payment plan in the Work Statement, and shall be paid by the Customer within ten (10) days after the agreement is signed.
Third Party Information: The parties may from time to time receive from third parties confidential or proprietary information ("Third Party Information") subject to a duty to maintain the confidentiality of such information and to use it only for certain limited purposes. During the period of this Agreement and for one year thereafter, the parties will hold Third Party Information, which shall be identified as such by the Customer or atsec, in confidence and will not disclose it (other than to the Customer's personnel who need to know it in connection with their work for the Customer, to the PCI SSC, or to the employees, associates or affiliates of atsec who need to know it in connection with their work for the Customer) or use it, except in connection with the work performed hereunder, unless expressly authorized in writing by the Customer or atsec, as the case may be, or the information is available to the public.
Nonexclusivity: The Customer expressly agrees that atsec will not be prevented or barred from rendering services of the same nature as, or a similar nature to, those described in the Work Statement(s), or of any nature whatsoever, for or on behalf of any person, firm, corporation, or entity other than the Customer, regardless of the nature of the business of that person, firm, corporation, or entity. The Customer understands that some data, information, conclusions, and other content contained in the Work Product and developed by atsec may be utilized by atsec in connection with providing consulting services to other atsec customers.
Warranty, Limitation of Liability: atsec shall not be liable to the Customer for any indirect, special, incidental, exemplary or consequential damages, including, but not limited to, lost profits or revenues, cost of capital, loss of business reputation or opportunity, or costs of recovering, reprogramming or reproducing any program or data or network security breach, even if atsec has been advised of the possibility of such damages. atsec accepts no liability whatsoever for any loss or harm suffered by the Customer as a result of improper use of the report. The Company will completely indemnify atsec against any loss suffered by and/or any claims against atsec arising from misuse of the Report of Compliance by the Company.
No Conflict: atsec represents and warrants that it has no obligations to any third party that will in any way limit or restrict its ability to perform consulting services for the Customer hereunder. atsec agrees that it will not disclose to the Customer, nor make use of in the performance of any work hereunder, any trade secrets or other proprietary information of any third party, unless atsec may do so without atsec or the Customer incurring any obligation (past or future) to such third party for such work or any future application thereof.
Appendix A: Preparation for Scanning

Source IP of scanners
The security scanning activity is carried out remotely from the scanning cluster machines, whose IP addresses are:
64.39.96.0/20 (64.39.96.1 - 64.39.111.254)
62.210.136.128/25 (62.210.136.129 - 62.210.136.254)
167.216.252.0/26 (167.216.252.1 - 167.216.252.62)

The Customer is responsible for ensuring that the scanning servers can reach the target IP addresses, for instance by adjusting the firewall configuration where necessary, or by adding the scanning source IP addresses to the whitelist of any kind of DoS (Denial of Service) protection mechanism, etc.
See Appendix B for a more detailed description of the scanner tools used by atsec at this moment.
Encryption for report submission
atsec delivers the security scan reports to the Customer either by download or by e-mail in PDF format. Reports must be cryptographically encrypted and signed in order to ensure secure delivery and the integrity of any copies of the report. atsec suggests using GnuPG or PGP for report encryption. If possible, please provide your public key together with this agreement.
Appendix B: Description of the scanner

The scanning methodology used by atsec at this moment mainly focuses on the different steps that an attacker might follow in order to perform an attack. It tries to use exactly the same discovery and information gathering techniques that would be used by an attacker.

The scanning engine is composed of different modules that handle specific scanning tasks and are chained in an intelligent way in order to avoid performing any meaningless vulnerability checks. It only performs vulnerability detection based on services that were discovered and properly identified.

The scanning engine performs scans in a very dynamic manner to optimize speed and performance.
The following is a simplified description of the main steps of a scan:

1. Checking if the remote host is alive - The first step is to check if the host to be scanned is up and running, in order to avoid wasting time on scanning a dead or unreachable host. This detection is done by sending ICMP Echo Request (ping) packets, as well as probing well-known TCP and UDP ports:

TCP probes: 21 (FTP), 22 (SSH), 23 (TELNET), 25 (SMTP), 53 (DNS), 80 (HTTP), 88 (Kerberos), 110 (POP3), 111 (RPC), 135 (MSRPC), 139 (SMB), 443 (HTTPS), 445 (MS-DS)

These TCP probes are Synchronization (SYN) packets. When a TCP SYN packet is sent to an open port on the target host, the target host sends a TCP SYN ACK packet in response. The scanner responds to it with a TCP RST (Reset) packet. When a TCP SYN packet is sent to a closed port on the target host, the target host sends a TCP RST packet in response.

This is typically referred to as TCP Half-Open Port Scanning because TCP connections to these ports are not fully established. To fully establish a TCP connection to an open port requires a TCP Three-Way Handshake (SYN, SYN ACK, ACK). This process is not completed by a half-open port scan because the ACK packet is not sent by the scanner.

UDP probes: 53 (DNS), 111 (RPC), 135 (MSRPC), 137 (NETBIOS-NS), 161 (SNMP), 500 (ISAKMP)

These UDP probes are different for different ports, but they are all well-formed and constructed according to RFC standards for the default protocols using these ports.

If the scanner receives at least one reply from the remote host, it continues the scan.
2. Firewall detection - The second test is to check if the host is behind any firewalling/filtering device. This test enables the scanner to gather more information about the network infrastructure and will help during the scan of TCP and UDP ports. If a firewall is detected, the scanner also tries to check if the firewall is properly configured by sending specifically forged packets, such as fragmented or spoofed packets, to some firewalled ports to check if they can go through the firewall despite its filtering rules.
3. TCP/UDP Port scanning - The third step is to detect all open TCP and UDP ports to determine which services are running on this host. TCP port scanning is based on a stealth scan (i.e. sending TCP SYN packets) and can be configured to use more or less bandwidth in order to avoid consuming too many network resources.
4. OS Detection - Once the TCP port scanning has been performed, the scanner tries to identify the operating system running on the host. This detection is based on sending specific TCP packets to open and closed ports. By checking the format of the host's replies, the scanner may identify the TCP/IP stack used for sending these replies, and thus the operating system.
5. TCP/UDP Service Discovery - Once TCP/UDP ports have been found open, the scanner tries to identify which service runs on each open port by using active discovery tests.
6. Vulnerability assessment based on discovered services - Once the scanner has identified the specific service running on each open TCP and UDP port, it performs the actual vulnerability assessment. The scanner first tries to check the version of the service, in order to detect only vulnerabilities applicable to that specific service version. For instance, when an HTTP service is detected, the scanner first determines whether it is Apache, IIS, Domino or any other HTTP service, then determines the version of the service, and subsequently tests only for vulnerabilities known for that service and version. Each vulnerability check is non-intrusive, meaning that the scanner never attempts to exploit any vulnerability in a way that would negatively affect the host.