Si leíste [[rusia:ips-zonas-militares|]] podrás entender como se obtiene el fichero areas_con_ips.txt (zonas militares con ips asignadas) \\
 \\
Escaneamos los puertos más comunes \\
 \\
sudo masscan --ports 80,22,443,110,995,143,993,3306,2082,2083,25,2095,2096,2077,2078 --rate 10000 -iL areas_con_ips.txt -oJ masscan_areas_con_ips.json \\
 \\
cat masscan_areas_con_ips.json | grep open \\
 \\
{  "ip": "79.174.36.70",  "timestamp": "1734231736", "ports": [ {"port": 443, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 48} ] } \\
{  "ip": "79.174.36.220",  "timestamp": "1734231736", "ports": [ {"port": 22, "proto": "tcp", "status": "open", "reason": "syn-ack", "ttl": 48} ] } \\
 \\
 \\
mmdblookup --file ../GeoLite2-City.mmdb --ip 79.174.36.70 | grep -oE '[0-9]{1,3}\.[0-9]{6}' \\
55.687700 \\
37.197100 \\
 \\
 \\
mmdblookup --file ../GeoLite2-City.mmdb --ip 79.174.36.220 | grep -oE '[0-9]{1,3}\.[0-9]{6}' \\
55.687700 \\
37.197100 \\
 \\
 \\
Vemos que las 2 ips pertenecen a la misma zona militar \\


creamos un fichero hosts_areas.txt con esas 2 ips \\
 \\
sudo nmap -F -sS -iL hosts_areas.txt -oA nmap_areas_con_hosts_ru \\
 \\
Starting Nmap 7.80 ( https://nmap.org ) at 2024-12-15 04:08 CET \\
Nmap scan report for 79.174.36.70 \\
Host is up (0.16s latency). \\
Not shown: 96 filtered ports \\
PORT    STATE SERVICE \\
21/tcp  open  ftp \\
22/tcp  open  ssh \\
443/tcp  open  https \\
1723/tcp open  pptp \\
 \\
Nmap scan report for 79.174.36.220 \\
Host is up (0.17s latency). \\
Not shown: 95 filtered ports \\
PORT    STATE SERVICE \\
21/tcp  open  ftp \\
22/tcp  open  ssh \\
80/tcp  open  http \\
443/tcp  open  https \\
3306/tcp open  mysql \\
 \\
Nmap done: 2 IP addresses (2 hosts up) scanned in 11.98 seconds  \\

{{ :rusia:masscan_nmap_areas_militares_ru.tar.gz |}}