Jump to content

Restrict pineapple gui access to open wifi clients


Recommended Posts

Is there a built in way to block access to 1471 and ssh 23 to client except those connected to the management WiFi or eth1?  Even with a strong password on the gui, we wouldn't want to be P0wned by the very people that we're trying to pentest.  No point in letting them know, "yep that's a pineapple."  I could also see security scanners looking for 1471.

I'm assuming we can restrict port 1471 usnig IPTABLES or something like that, but I'm curious if there's a built in way to do this using the GUI.

Related, 

1) Is there a downside to changing the default subnet from 172.16.42 to something else?  I could see that being a red flag to scanners and
2) Is there a way in the GUI to change the subnet?

 

Thanks

 

Link to comment
Share on other sites

1. no downside that I know of or found so far, i run mine on 192.168.1.

2. no way to change in gui, would have to be done in ssh
Edit /etc/config/network to change it.  Also you can change the port in /etc/nginx/nginx.conf, you would want to use iptables to block the port still.

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...