LAB 2 - CAMILA RICHTER
(20 points) Using httpie, make an HTTP request to the server
○ → http https://nrywhite.lat/23183/
HTTP/1.1 200 OK
CF-RAY: 91060f3a3c782039-IAD
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Tue, 11 Feb 2025 17:29:09 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To:
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fSQ228%2FjCkZ88rFefNlKI37ZxaihZ8zgJVC0wQeAmrgZzyLz%2BtThnZhNouzq2yv9%2FvXPaj%2FD4zFRNxvP6ujj7CMpbRXRkLmpG6Ob%2FngKWfKUwrJWcZ3sfElZoYd2ur4%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
server-timing:
cfL4;desc="?proto=TCP&rtt=1315&min_rtt=1271&rtt_var=566&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3055&recv_bytes=762&delivery_rate=2666666&cwnd=236&unsent_bytes=0&cid=67a173fe2afb38eb&ts=47&x=0"
vary: accept-encoding
Index of /23183/
Index of /23183/
../
lab1/
10-Feb-2025 01:14 -
top10/
05-Feb-2025 03:41 -
20250128.txt
29-Jan-2025 03:11 11
(10 points) Using curl, make an HTTP request to the server
○ → curl https://nrywhite.lat/
Sistemas y Tecnologías Web | 10
(5 points) What happens if you try to make an HTTP request from the
server to your computer?
○ → curl -v 10.28.1.248
* Trying 10.28.1.248:80...
* connect to 10.28.1.248 port 80 from 172.31.31.175 port 37044 failed:
Connection timed out
* Failed to connect to 10.28.1.248 port 80 after 133369 ms: Couldn't
connect to server
* Closing connection
curl: (28) Failed to connect to 10.28.1.248 port 80 after 133369 ms:
Couldn't connect to server
(10 points) Using tail inside the server, get the last 15
lines of the file /var/log/nginx/access.log
○ → tail -n 15 /var/log/nginx/access.log
162.158.11.157 - - [11/Feb/2025:17:48:21 +0000] "GET /23089/ HTTP/1.1" 200
224 "https://nrywhite.lat/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
162.158.11.157 - - [11/Feb/2025:17:48:25 +0000] "GET / HTTP/1.1" 200 2052
"https://nrywhite.lat/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
162.158.11.157 - - [11/Feb/2025:17:48:28 +0000] "GET /23218/ HTTP/1.1" 200
236 "https://nrywhite.lat/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
162.158.11.157 - - [11/Feb/2025:17:48:29 +0000] "GET /23748/ HTTP/1.1" 200
628 "https://nrywhite.lat/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
162.158.11.157 - - [11/Feb/2025:17:48:30 +0000] "GET /23645/ HTTP/1.1" 200
225 "https://nrywhite.lat/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
162.158.11.157 - - [11/Feb/2025:17:48:33 +0000] "GET /23405/ HTTP/1.1" 200
233 "https://nrywhite.lat/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
162.158.11.157 - - [11/Feb/2025:17:48:35 +0000] "GET /23197/ HTTP/1.1" 200
235 "https://nrywhite.lat/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
162.158.11.157 - - [11/Feb/2025:17:48:36 +0000] "GET /231311/ HTTP/1.1"
200 225 "https://nrywhite.lat/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
162.158.11.157 - - [11/Feb/2025:17:48:38 +0000] "GET /23391/ HTTP/1.1" 200
237 "https://nrywhite.lat/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
162.158.11.157 - - [11/Feb/2025:17:48:39 +0000] "GET /23267/ HTTP/1.1" 200
225 "https://nrywhite.lat/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
162.158.11.157 - - [11/Feb/2025:17:48:40 +0000] "GET /23088/ HTTP/1.1" 200
255 "https://nrywhite.lat/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
172.68.76.136 - - [11/Feb/2025:17:49:05 +0000] "GET / HTTP/1.1" 301 178
"-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0_2 like Mac OS X)
AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Mobile/15E148
Safari/604.1"
162.158.11.148 - - [11/Feb/2025:17:49:06 +0000] "GET / HTTP/1.1" 200 2605
"-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0_2 like Mac OS X)
AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Mobile/15E148
Safari/604.1"
162.158.11.150 - - [11/Feb/2025:17:49:06 +0000] "GET /favicon.ico
HTTP/1.1" 404 134 "https://nrywhite.lat/" "Mozilla/5.0 (iPhone; CPU iPhone
OS 17_0_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko)
Version/17.0 Mobile/15E148 Safari/604.1"
162.158.11.157 - - [11/Feb/2025:17:49:20 +0000] "GET / HTTP/1.1" 200 2052
"https://nrywhite.lat/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0_2 like
Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0
Mobile/15E148 Safari/604.1"
(10 points) Using ps and grep, identify which processes amazon is running
inside the server
○ → ps aux | grep amazon
root 526 0.0 1.3 1759296 13256 ? Ssl Feb09 0:04
/snap/amazon-ssm-agent/11092/amazon-ssm-agent
root 955 0.0 2.3 1860804 22868 ? Sl Feb09 0:16
/snap/amazon-ssm-agent/11092/ssm-agent-worker
ubuntu 122609 0.0 0.2 7076 2048 pts/0 S+ 19:56 0:00 grep
--color=auto --exclude-dir=.bzr --exclude-dir=CVS --exclude-dir=.git
--exclude-dir=.hg --exclude-dir=.svn amazon
(10 points) Using dig inside the server, get the IP that uvg.edu.gt resolves to
when doing a DNS lookup
○ → dig uvg.edu.gt
; <<>> DiG 9.18.30-0ubuntu0.24.04.2-Ubuntu <<>> uvg.edu.gt
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46340
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;uvg.edu.gt. IN A
;; ANSWER SECTION:
uvg.edu.gt. 300 IN A 45.223.56.41
uvg.edu.gt. 300 IN A 45.223.155.41
;; Query time: 79 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Mon Feb 10 22:24:06 UTC 2025
;; MSG SIZE rcvd: 71
(5 points) How much RAM, total, used and free, does the server have? (your
answer must be in MB)
○ → free -m
       total  used  free  shared  buff/cache  available
Mem:     957   524   142      20         495        433
Swap:      0     0     0
(5 points) How much disk space, total, used and available, does the
server have? (your answer must be in MB)
○ → df -m
Filesystem 1M-blocks Used Available Use% Mounted on
/dev/root 28691 7628 21047 27% /
tmpfs 479 20 460 5% /dev/shm
tmpfs 192 2 191 1% /run
tmpfs 5 0 5 0% /run/lock
/dev/xvda16 881 76 744 10% /boot
/dev/xvda15 105 7 99 6% /boot/efi
tmpfs 96 1 96 1% /run/user/1000
(5 points) Using the ip command, get the server's IP
○ → ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: enX0: mtu 9001 qdisc fq_codel state
UP group default qlen 1000
link/ether 0a:ff:d6:c1:6d:a5 brd ff:ff:ff:ff:ff:ff
inet 172.31.31.175/20 metric 100 brd 172.31.31.255 scope global
dynamic enX0
valid_lft 2742sec preferred_lft 2742sec
inet6 fe80::8ff:d6ff:fec1:6da5/64 scope link
valid_lft forever preferred_lft forever
3: docker0: mtu 1500 qdisc noqueue state
UP group default
link/ether 02:42:47:c1:f2:7d brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:47ff:fec1:f27d/64 scope link
valid_lft forever preferred_lft forever
7: veth236a14f@if6: mtu 1500 qdisc
noqueue master docker0 state UP group default
link/ether 0e:f7:78:3b:d0:f5 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::cf7:78ff:fe3b:d0f5/64 scope link
valid_lft forever preferred_lft forever
(10 points) lsof lists open files. Identify the files
opened over the TCP protocol on port 80
○ → sudo lsof -i TCP:80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
nginx 123442 root 5u IPv4 448248 0t0 TCP *:http (LISTEN)
nginx 123442 root 7u IPv6 448250 0t0 TCP *:http (LISTEN)
nginx 123443 www-data 5u IPv4 448248 0t0 TCP *:http (LISTEN)
nginx 123443 www-data 7u IPv6 448250 0t0 TCP *:http (LISTEN)
(20 points) Using netstat, list the ports the server is
listening on. You must filter using the following netstat
options (this is a single command with these options):
tcp
udp
numeric (shows ports by number)
program (shows which program is listening)
○ → netstat -tulnp
(No info could be read for "-p": geteuid()=1000 but you should be root.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address      Foreign Address  State   PID/Program name
tcp   0      0      127.0.0.54:53      0.0.0.0:*        LISTEN  -
tcp   0      0      0.0.0.0:90         0.0.0.0:*        LISTEN  -
tcp   0      0      0.0.0.0:80         0.0.0.0:*        LISTEN  -
tcp   0      0      0.0.0.0:443        0.0.0.0:*        LISTEN  -
tcp   0      0      127.0.0.53:53      0.0.0.0:*        LISTEN  -
tcp6  0      0      :::10              :::*             LISTEN  -
tcp6  0      0      :::90              :::*             LISTEN  -
tcp6  0      0      :::80              :::*             LISTEN  -
udp   0      0      127.0.0.54:53      0.0.0.0:*                -
udp   0      0      127.0.0.53:53      0.0.0.0:*                -
udp   0      0      172.31.31.175:68   0.0.0.0:*                -
udp   0      0      127.0.0.1:323      0.0.0.0:*                -
udp6  0      0      ::1:323            :::*
(30 points) Using ss, list the ports the server is listening
on. You must filter using the following ss options (this is
a single command with these options):
summary
tcp
○ → ss --tcp
State  Recv-Q  Send-Q  Local Address:Port         Peer Address:Port               Process
ESTAB  0       0       172.31.31.175:38628        52.46.142.7:https
ESTAB  0       0       [::ffff:172.31.31.175]:10  [::ffff:190.56.194.12]:49797
ESTAB  0       52      [::ffff:172.31.31.175]:10  [::ffff:181.209.179.43]:49431
ESTAB  0       0       [::ffff:172.31.31.175]:10  [::ffff:190.14.11.2]:57690
ESTAB  0       0       [::ffff:172.31.31.175]:10  [::ffff:190.56.194.12]:49892
ESTAB  0       0       [::ffff:172.31.31.175]:10  [::ffff:190.14.11.2]:57676
ESTAB  0       0       [::ffff:172.31.31.175]:10  [::ffff:190.106.196.44]:19943
○ → ss -at
State      Recv-Q  Send-Q  Local Address:Port         Peer Address:Port                Process
LISTEN     0       4096    127.0.0.54:domain          0.0.0.0:*
LISTEN     0       4096    0.0.0.0:90                 0.0.0.0:*
LISTEN     0       511     0.0.0.0:http               0.0.0.0:*
LISTEN     0       511     0.0.0.0:https              0.0.0.0:*
LISTEN     0       4096    127.0.0.53%lo:domain       0.0.0.0:*
TIME-WAIT  0       0       172.31.31.175:47356        169.254.169.254:http
ESTAB      0       0       172.31.31.175:33462        209.54.181.109:https
LISTEN     0       4096    *:10                       *:*
LISTEN     0       4096    [::]:90                    [::]:*
LISTEN     0       511     [::]:http                  [::]:*
ESTAB      0       0       [::ffff:172.31.31.175]:10  [::ffff:200.119.180.132]:40355
ESTAB      0       0       [::ffff:172.31.31.175]:10  [::ffff:181.174.106.196]:2902
ESTAB      0       52      [::ffff:172.31.31.175]:10  [::ffff:200.119.180.132]:15944
ESTAB      0       0       [::ffff:172.31.31.175]:10  [::ffff:181.209.152.170]:2089
ESTAB      0       0       [::ffff:172.31.31.175]:10  [::ffff:200.119.180.132]:27077