Universidad del Valle de Guatemala
Diego Fabián Morales Dávila - 23267
(20 points) Using httpie, make an HTTP request to the server
jostoficial@DESKTOP-GL99MDH:~$ http https://dernait.my
HTTP/1.1 200 OK
CF-RAY: 91120b38eae7e9f0-MIA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 13 Feb 2025 04:23:34 GMT
Last-Modified: Wed, 12 Feb 2025 16:47:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2Fo8yEm5rcIxJkov6pGL%2Fn%2BJ7v5vZCsPwCJQs2pkOpqqOLDJmOMF8OMkQFOx0bl6KBX4DwMAS2G%2Bi%2FOlEURY998EeAAWSJWf%2F1eI3LK%2Bwmk%2FCDZtViGiyh2j%2Bgqy"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
server-timing: cfL4;desc="?proto=TCP&rtt=49269&min_rtt=46737&rtt_var=19335&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2836&recv_bytes=750&delivery_rate=61963&cwnd=251&unsent_bytes=0&cid=bd4a762ef5adde6b&ts=152&x=0"
vary: accept-encoding
DerNait
(30 points) Using ss, list the ports on which the server is listening. You must filter using the following ss options (this is a single command with these options)
Total: 187
TCP: 9 (estab 3, closed 0, orphaned 0, timewait 0)
Transport Total IP IPv6
RAW 1 0 1
UDP 5 4 1
TCP 9 4 5
INET 15 8 7
FRAG 0 0 0
Recv-Q Send-Q Local Address:Port Peer Address:Port Process
0 0 [::ffff:172.31.80.228]:17 [::ffff:190.14.11.2]:52958 timer:(keepalive,5min47sec,0) ino:15720 sk:c cgroup:/system.slice/ssh.socket <->
0 144 [::ffff:172.31.80.228]:17 [::ffff:181.174.106.63]:2547 timer:(on,190ms,0) ino:22384 sk:d cgroup:/system.slice/ssh.socket <->
0 604 [::ffff:172.31.80.228]:17 [::ffff:181.174.106.91]:2392 timer:(on,161ms,0) ino:23207 sk:e cgroup:/system.slice/ssh.socket <-> ino:19834 sk:4 cgroup:/system.slice/nginx.service v6only:1 <->
(20 points) Using netstat, list the ports on which the server is listening. You must filter using the following netstat options (this is a single command with these options):
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:*
udp UNCONN 0 0 127.0.0.54:53 0.0.0.0:*
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
udp UNCONN 0 0 172.31.80.228%enX0:68 0.0.0.0:*
udp UNCONN 0 0 [::1]:323 [::]:*
tcp LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.54:53 0.0.0.0:*
tcp LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 511 [::]:80 [::]:*
tcp LISTEN 0 4096 *:17 *:*
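Added example (not part of the original report): a bash/awk helper that classifies the sockets in an ss-style listing like the one above by bind scope, so listeners bound to every interface stand out from loopback-only ones. The function names are illustrative, and the embedded sample is a subset of the rows above.

```bash
#!/usr/bin/env bash
# Added example: classify sockets from ss-style output by bind scope.

# Rows copied from the listing above (a subset covering each address form).
sample_ss_output() {
  cat <<'EOF'
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
udp UNCONN 0 0 172.31.80.228%enX0:68 0.0.0.0:*
udp UNCONN 0 0 [::1]:323 [::]:*
tcp LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
tcp LISTEN 0 511 [::]:80 [::]:*
tcp LISTEN 0 4096 *:17 *:*
EOF
}

# Reads ss output on stdin; prints "<netid> <port> <scope> <local address>".
classify_listeners() {
  awk '
    $1 != "tcp" && $1 != "udp" { next }            # skip the header row
    {
      local_addr = $5
      port = local_addr; sub(/.*:/, "", port)      # text after the last colon
      host = local_addr; sub(/:[^:]*$/, "", host)  # text before the last colon
      gsub(/\[/, "", host); gsub(/\]/, "", host)   # [::1] -> ::1
      sub(/%.*/, "", host)                         # drop %lo or %enX0 suffix
      if (host == "*" || host == "0.0.0.0" || host == "::")
        scope = "all-interfaces"                   # wildcard bind
      else if (host ~ /^127\./ || host == "::1")
        scope = "loopback"                         # local processes only
      else
        scope = "single-address"                   # one specific interface IP
      print $1, port, scope, local_addr
    }'
}

# Unique proto/port pairs bound to every interface: the set to compare
# against the host firewall and cloud security-group rules.
exposed_ports() {
  classify_listeners |
    awk '$3 == "all-interfaces" { print $1 "/" $2 }' | LC_ALL=C sort -u
}

sample_ss_output | classify_listeners
```

On a live host the same functions can be fed directly, for example `ss -tuln | exposed_ports`.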
(10 points) Using tail on the server, get the last 15 lines of the file /var/log/nginx/access.log
172.70.255.142 - - [13/Feb/2025:04:25:53 +0000] "GET / HTTP/1.1" 200 124 "https://23391.dernait.my/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0"
172.70.55.234 - - [13/Feb/2025:04:27:12 +0000] "GET / HTTP/1.1" 200 2360 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0"
172.70.83.46 - - [13/Feb/2025:04:27:12 +0000] "GET /assets/PROFILE.jpg HTTP/1.1" 200 10753 "https://23525.dernait.my/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0"
172.69.71.5 - - [13/Feb/2025:04:28:58 +0000] "GET / HTTP/1.1" 200 2371 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0"
172.71.222.196 - - [13/Feb/2025:04:32:56 +0000] "GET /lab1 HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0"
172.71.222.196 - - [13/Feb/2025:04:32:56 +0000] "GET /lab1/ HTTP/1.1" 200 2044 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko/20100101 Firefox/135.0"
172.70.255.216 - - [13/Feb/2025:04:34:14 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0"
172.70.254.77 - - [13/Feb/2025:04:37:24 +0000] "GET /23 HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0"
172.70.254.90 - - [13/Feb/2025:04:37:24 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "https://dernait.my/23" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0"
172.70.255.35 - - [13/Feb/2025:04:37:30 +0000] "GET / HTTP/1.1" 200 539 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0"
172.70.55.114 - - [13/Feb/2025:04:37:31 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "https://23065.dernait.my/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0"
172.70.255.160 - - [13/Feb/2025:04:37:40 +0000] "GET /lab2/lab2.txt HTTP/1.1" 200 17771 "https://23584.dernait.my/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0"
172.70.83.155 - - [13/Feb/2025:04:37:40 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "https://23584.dernait.my/lab2/lab2.txt" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0"
172.70.54.62 - - [13/Feb/2025:04:38:18 +0000] "GET / HTTP/1.1" 200 539 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0"
172.70.255.4 - - [13/Feb/2025:04:38:18 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "https://23218.dernait.my/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 OPR/116.0.0.0"
(10 points) Using dig on the server, get the IP address that a DNS lookup of uvg.edu.gt resolves to
45.223.56.41
45.223.155.41
(10 points) Using ps and grep, identify which Amazon processes are running on the server
root 520 0.0 1.9 1685384 19448 ? Ssl Feb12 0:01 /snap/amazon-ssm-agent/9881/amazon-ssm-agent
ubuntu 4108 0.0 0.2 6944 2176 pts/3 S+ 04:44 0:00 grep --color=auto -i amazon