or Accessing a BackTrack server via mobile phone in some vaguely secure way
Set up a BackTrack system that is accessible over the internet from the phone in my pocket. What can I say? I like to practice my Metasploit syntax while waiting in the doctor's office. Oh, and I'd also like to do it as cheaply as possible and in some relatively secure fashion.

The Solution
BT4 R2 under VMWare
This would allow me to move it around as well as maintain a “Known Good” snapshot.
VNC and SSH
This would allow me to access the system from any computer that had a tunneling ssh client, specifically my phone.
Secure it
    - a good password, changed frequently (even better to use certificate authentication for ssh)
    - frequent reverts to the “Known Good” snapshot
    - tunnel VNC through SSH
    - changing the default SSH port from tcp/22
    - port knocking in order to gain access
note: sample configuration files will be in the Speaker Notes where appropriate.

First, you will need BackTrack
"BackTrack is a Linux security distribution."
"Whether you’re hacking wireless, exploiting servers, performing a web application assessment, learning, or social-engineering a client, BackTrack is the one-stop-shop for all of your security needs. BackTrack is a Linux-based penetration testing arsenal that aids security professionals in the ability to perform assessments in a purely native environment dedicated to hacking."
This was all cribbed directly from their website: http://www.backtrack-linux.org
This is also where you can download the latest release. Make sure you download the one for VMWare. (I know, I know. It doesn't really matter for you hardcore geeks)

Why VMWare?
VMWare allows us to not have to dedicate a whole system to just BackTrack. BackTrack has been kind enough to provide a VMWare virtual appliance. VMWare also provides us the ability to take a "snapshot" of the system. This means if the system ever gets breached or you screw up configuration you can always return to your "Known Good".

Booting up under VMWare
You can download VMWare Player for free (with registration) from: http://downloads.vmware.com/
Extract the BackTrack files and open up the one with the ".vmx" extension.
Login with userid: root / password: toor
No need to start XWindows, but if you really want to, type:
    startx

'toor'? Really? You gonna keep that?
The default password is 'toor'. Change this immediately with:
    passwd

Configure the local firewall
We want to setup the BackTrack firewall to block all but necessary traffic. You will need to decide now which ports you are going to use for port knocking and ssh. In this example we will use the following:
    port knocking: tcp/1111, tcp/2222, udp/3333
    ssh: tcp/4444
Feed your config file to iptables-restore
    iptables-restore < /etc/iptables.rules
* sample configuration file in the Speaker notes

Enable Networking
The BackTrack server is configured for DHCP, but the interface is disabled by default. You can enable it with:
    /etc/init.d/networking start
For static IP address you will need to edit: *
    vi /etc/network/interfaces
You can set networking to auto-start on a reboot with:
    update-rc.d networking defaults
* sample configuration file in the Speaker notes

Update BackTrack
Now that we have internet access, it's a good time to get the OS up to date.
    apt-get -y update
    apt-get -y upgrade
    apt-get clean

Enable and configure SSH
SSH will be your primary access to BackTrack. Luckily most of the tools you will use in BackTrack are run from command-line anyway.
Edit the config file to change the default SSH port. *
    vi /etc/ssh/sshd_config
Generate your ssh encryption keys (Do not enter passphrases)
    ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
    ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
Start the ssh server and set it to auto-start on a reboot
    /etc/init.d/ssh start
    update-rc.d ssh defaults
Advanced configuration using certificate based authentication is at the end of this presentation
* sample configuration file in the Speaker notes

Port Knocking
You can think of port knocking as a "secret knock" used to remotely open and close the ssh port. Backtrack will start with all ports closed. After you send it a special sequence of packets, the port knock server will issue a command to open the ssh port. After you are finished using ssh, you send it a different sequence to close the port again. We will use knockd as our port knock server.
http://www.zeroflux.org/projects/knock
http://www.portknocking.org/

Port Knocking install and configuration
To install knockd:
    apt-get install knockd
Edit the config file to set-up the ports you want to use:
    vi /etc/knockd.conf
Start knockd in daemon mode:
    knockd -d -i eth0
Is this just "security through obscurity"?
* sample configuration file in the Speaker notes

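The firewall and port knocking slides both point to sample files in the Speaker notes, which are not part of this text. The following is an added example, not the author's files: a shell sketch that writes a default-deny /etc/iptables.rules and a matching /etc/knockd.conf for the ports chosen above. The function names, the 10 second timeout and the reversed close sequence are assumptions.

```shell
#!/bin/sh
# Added example. Ports are the deck's: knock tcp/1111, tcp/2222, udp/3333,
# ssh on tcp/4444. Function names, timeouts and the reversed close
# sequence are assumptions.

# write_iptables_rules FILE: default-deny ruleset for iptables-restore.
write_iptables_rules() {
    cat > "$1" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# loopback: the VNC tunnel ends at localhost on the server
-A INPUT -i lo -j ACCEPT
# packets of connections that were already accepted
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# No rule for tcp/4444 or for the knock ports. knockd captures packets
# off the interface, so the knock is seen even though it is dropped.
COMMIT
EOF
}

# write_knockd_conf FILE: open and close sequences for the ssh port.
# %IP% is replaced by knockd with the address that sent the knock.
write_knockd_conf() {
    cat > "$1" <<'EOF'
[options]
    UseSyslog

[openSSH]
    sequence    = 1111:tcp,2222:tcp,3333:udp
    seq_timeout = 10
    tcpflags    = syn
    command     = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 4444 -j ACCEPT

[closeSSH]
    sequence    = 3333:udp,2222:tcp,1111:tcp
    seq_timeout = 10
    tcpflags    = syn
    command     = /sbin/iptables -D INPUT -s %IP% -p tcp --dport 4444 -j ACCEPT
EOF
}
```

Call the functions with /etc/iptables.rules and /etc/knockd.conf as arguments, then load and start them with the iptables-restore and knockd commands from the slides. Because of the ESTABLISHED rule, an ssh session that is already open keeps working after the close knock; only new connections are refused.
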
Start VNC
Even though we will rarely use a gui or XWindows, why not have it? At the very least, it looks more impressive when you show off.
Start VNC (you will be prompted to set a password):
    vncserver
We will access VNC through an SSH tunnel.

Take a picture, it'll last longer
Take a VMWare snapshot and call it "Known Good".
    VM -> Snapshot -> Take Snapshot
Every now and again you can restore this snapshot in VMWare and come back to exactly this point in your configuration.

Dynamic DNS
If you don't have a static IP address you will probably want to setup dynamic DNS on host. This is a free service that will keep a hostname always registered to whatever your current, ISP assigned, IP address. You can run the client on any machine behind your router. There are many options. Here are two:
http://www.dyndns.com/services/dns/dyndns/
http://www.no-ip.com/

Configure your Internet router
Your internet or wireless router will need to be configured to forward external ports for both SSH and port knocking to the BackTrack system. This is usually available in your router administration.

Client side
That is it for the server. You now have it configured for port knocking, ssh, vnc and remote access over the internet. Now it's time to configure the client. You will need two clients. One for port knocking and one for ssh/vnc. My examples will be for the iPhone, but most smart phones will have these types of clients available. Links for Android clients are listed later.

iPhone: Install and configure KnockOnD
I chose KnockOnD as my port knocking client. Mainly because it's free, ad free and it works.
http://bluezbox.com/knockond.html

iPhone: Install and configure iSSH
iSSH is not free. As of this writing it's about 10$USD. But it has benefits that the others do not have. Not the least of which is that it allows for tunneling VNC.
http://www.zinger-soft.com/iSSH_features.html

Android clients
For ssh/vnc use ConnectBot
For port knocking use knock-android

Amaze your Friends and Family
Amaze yer friends with your incredible 500P3R L337 H4X0R skills

Troubleshooting
Flush all iptables rules
    /sbin/iptables --policy INPUT ACCEPT
    /sbin/iptables --policy OUTPUT ACCEPT
    /sbin/iptables --policy FORWARD ACCEPT
    /sbin/iptables -F
verify SSH is working without the rules
verify knockd, ssh, vnc are running
    ps ax | grep knockd

Troubleshooting
verify ports
    netstat -an
verify iptables
    iptables -L -n
kill processes
    killall knockd
    killall sshd
    vncserver -kill :1

Advanced: SSH Certificate Authentication
Server setup
Change into your local .ssh config directory
    cd /root/.ssh
Generate a RSA key pair (make sure to set a password)
    ssh-keygen -v -t rsa
Authorize the key for 'root' access to the ssh server
    cp id_rsa.pub authorized_keys

Advanced: SSH Certificate Authentication
Client setup
Copy your public key to an iPhone note.
    cat /root/.ssh/id_rsa
Sync your iPhone and copy the note to your iPhone clipboard.
Import (Paste) it to iSSH from General Settings > Configure SSH Keys > Import Key.
Change your Connection to "Use Key" authentication
Verify connectivity

Advanced: Disable Password Authentication
Server setup
Edit the /etc/ssh/sshd_config *
    PasswordAuthentication no
    ChallengeResponseAuthentication no
Edit the config file to change the default SSH port
    /etc/init.d/ssh restart
* sample configuration file in the Speaker notes

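A check that the sshd_config edits from the slides are actually in force, as an added example that is not part of the original presentation. The function names are hypothetical; it reads only the global section of the file and assumes the "Keyword value" spelling.

```shell
#!/bin/sh
# Added example; function names are hypothetical. Only the global section
# of the file is read (parsing stops at the first Match block), and the
# "Keyword value" spelling is assumed, not "Keyword=value".

# sshd_first_value FILE KEYWORD DEFAULT: sshd uses the first occurrence of
# a keyword (keywords are case-insensitive) and its default if absent.
sshd_first_value() {
    awk -v key="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" -v def="$3" '
        tolower($1) == "match" { exit }
        tolower($1) == key && !seen { val = $2; seen = 1 }
        END { print (seen ? val : def) }
    ' "$1"
}

# audit_sshd FILE: return 0 only if the slides' three settings are in force.
audit_sshd() {
    cfg=$1 rc=0
    # Port may be given several times and sshd listens on every one,
    # so all occurrences are checked; with none, sshd listens on 22.
    ports=$(awk 'tolower($1) == "match" { exit }
                 tolower($1) == "port"  { print $2 }' "$cfg")
    for p in ${ports:-22}; do
        if [ "$p" = 22 ]; then echo "FAIL: sshd listens on tcp/22"; rc=1; fi
    done
    for k in PasswordAuthentication ChallengeResponseAuthentication; do
        v=$(sshd_first_value "$cfg" "$k" yes)
        if [ "$v" != no ]; then echo "FAIL: $k is '$v'"; rc=1; fi
    done
    return $rc
}
```

Run `audit_sshd /etc/ssh/sshd_config` after the restart and before relying on key-only logins. On the server itself, `sshd -T` prints the effective configuration and is the authoritative view.
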
Thanks
I hope you found this useful. The original version of this presentation can be found at: https://docs.google.com/present/view?id=djjg73z_45k2rdzkzt