-
Notifications
You must be signed in to change notification settings - Fork 1
/
Int-WWW.startup
33 lines (21 loc) · 1.22 KB
/
Int-WWW.startup
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# Internal WWW Server.
ifconfig eth0 10.0.9.3/29
# Defaults to Gateway of Internal Servers.
route add default gw 10.0.9.1
a2enmod ssl
a2ensite default-ssl
service apache2 start
# One of the following ports is used for
# port knocking, the rest are for misdirection.
while true; do nc -lvp 1887; done &
while true; do nc -lvp 22456; done &
while true; do nc -lvp 38964; done &
/etc/init.d/ssh start
# Port Knocking to 1887 and within 45 seconds ssh through the unconventional port 36747.
# Useful Commands:
# 1) The server should first have a root password set using the command: "passwd".
# 2) Knock the port 1887 using: "nmap -Pn --max-retries 0 -p 1887 10.0.9.3". Netcat can be used too.
# 3) Within 45 seconds, perform the following command from admin: "ssh -p 36747 [email protected]".
iptables -A INPUT -s 10.0.13.0/30 -p tcp --syn --dport 1887 -m comment --comment "Portknock sequence" -m recent --set --name portknock
iptables -A INPUT -s 10.0.13.0/30 -p tcp --syn --dport 36747 -m recent --rcheck --seconds 45 --name portknock -m conntrack --ctstate NEW -m comment --comment "SSH Unconventional Port" -j ACCEPT
iptables -A INPUT -p tcp --syn --dport 36747 -m comment --comment "Restrics connections without first portknocking" -j DROP