7MS #147: DIY Hosted Mutillidae
7 Minute Security26 Jan 2016

7MS #147: DIY Hosted Mutillidae

In this episode I talk about how to build a cheap hosted Mutillidae server to safely hack away on while keeping other Internet prowlers out. Here are the basic commands to run to lock down the Digital Ocean droplet's iptables firewall:

*Flush existing rules*

**sudo iptables -F**

*Allow all concurrent connections*

**sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT**

*Allow specific IPs/hosts to access port 80*

**sudo iptables -A INPUT -p tcp -s F.Q.D.N --dport 80 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT**

*Allow specific IPs/hosts to access port 22*

**sudo iptables -A INPUT -p tcp -s F.Q.D.N --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT**

*Block all other traffic:*

**sudo iptables -P INPUT DROP**

*Provide the VPS loopback access:*

**sudo iptables -I INPUT 1 -i lo -j ACCEPT**

*Install iptables-persistent to ensure rules survive a reboot:*

**sudo apt-get install iptables-persistent**

*Start iptables-persistent service*

**sudo service iptables-persistent start**

*If you make iptables changes after this and they don't seem to stick, do this:*

**sudo iptables-save > /etc/iptables/rules.v4**

See this Digital Ocean article for more information.

Avsnitt(683)

7MS #114: PCI Pentesting 101-Part 3

7MS #114: PCI Pentesting 101-Part 3

Part 3 on my series about PCI pentesting. Yeah. That.

2 Dec 20157min

7MS #113: Big Bag of Random Security Stuff

7MS #113: Big Bag of Random Security Stuff

Yep, this episode is EXACTLY what the title implies.

27 Nov 201510min

7MS #112: This is Sparta!

7MS #112: This is Sparta!

This episode is about one of my favorite enumeration tools called Sparta - it's built right into Kali 2. And maybe it was in Kali 1 and I totally missed it. But whatevs. I'm happy to have found it now!

25 Nov 20158min

7MS #111: Hacking WPA Enterprise-Part 2

7MS #111: Hacking WPA Enterprise-Part 2

The thrilling (?) conclusion of my experience hacking WPA Enterprise.

20 Nov 20156min

7MS #110: Hacking WPA Enterprise-Part 1

7MS #110: Hacking WPA Enterprise-Part 1

This episode is about my experience hacking WPA enterprise. Huge mega tiger uppercut thanks to this site for giving me the fixes I needed to get this working on Kali2! https://warroom.securestate.com/index.php/evil-twin-attack-using-hostapd-wpe/

17 Nov 20158min

7MS #109: OFFTOPIC-It Follows and Backcountry

7MS #109: OFFTOPIC-It Follows and Backcountry

Movie reviews of It Follows and Backcountry.

13 Nov 20157min

7MS #108: I'm Going to PWAPT!-Part 2

7MS #108: I'm Going to PWAPT!-Part 2

Here's part 2 (of probably several to come) about my experience with PWAPT (Practical Webapp Pentesting) training last week!

11 Nov 201510min

7MS #107: I'm Going to PWAPT!

7MS #107: I'm Going to PWAPT!

Hey I'm going to PWAPT this week (http://www.eventbrite.com/e/practical-web-application-penetration-testing-with-tim-tomes-lanmaster53-tickets-16718889649), so in this episode I talk about that...and how I'll probably be too info-overloaded to record anything on Thursday :-). Oh, and I had a fun Web app pentest this week that I wanted to share some fun bits on.

3 Nov 20157min

Populärt inom Politik & nyheter

p3-krim
svd-dokumentara-berattelser-2
flashback-forever
rss-krimstad
rss-vad-fan-hande
aftonbladet-daily
rss-viva-fotboll
rss-sanning-konsekvens
olyckan-inifran
svenska-fall
krimmagasinet
fordomspodden
motiv
dagens-eko
rss-expressen-dok
blenda-2
rss-frandfors-horna
svd-nyhetsartiklar
spar
spotlight