7MS #147: DIY Hosted Mutillidae
7 Minute Security26 Jan 2016

7MS #147: DIY Hosted Mutillidae

In this episode I talk about how to build a cheap hosted Mutillidae server to safely hack away on while keeping other Internet prowlers out. Here are the basic commands to run to lock down the Digital Ocean droplet's iptables firewall:

*Flush existing rules*

**sudo iptables -F**

*Allow all concurrent connections*

**sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT**

*Allow specific IPs/hosts to access port 80*

**sudo iptables -A INPUT -p tcp -s F.Q.D.N --dport 80 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT**

*Allow specific IPs/hosts to access port 22*

**sudo iptables -A INPUT -p tcp -s F.Q.D.N --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT**

*Block all other traffic:*

**sudo iptables -P INPUT DROP**

*Provide the VPS loopback access:*

**sudo iptables -I INPUT 1 -i lo -j ACCEPT**

*Install iptables-persistent to ensure rules survive a reboot:*

**sudo apt-get install iptables-persistent**

*Start iptables-persistent service*

**sudo service iptables-persistent start**

*If you make iptables changes after this and they don't seem to stick, do this:*

**sudo iptables-save > /etc/iptables/rules.v4**

See this Digital Ocean article for more information.

Avsnitt(713)

7MS #713: How to Secure Your Community – Part 3

7MS #713: How to Secure Your Community – Part 3

Hello friends, in today's edition of How to Secure Your Community, I give a brief recap of part 1 and part 2, and then dive into some cool phone shortcuts you can setup so that with a single tap, you ...

13 Mars 31min

7MS #712: How to Secure Your Community - Part 2

7MS #712: How to Secure Your Community - Part 2

Hello friends.  Today's episode piggybacks off of last week's discussion of Operation Metro Surge and how it has affected the state of Minnesota.  I also highly encourage you to read this Rolling Ston...

6 Mars 37min

7MS #711: How to Secure Your Community

7MS #711: How to Secure Your Community

Hello friends, it's good to be back with you.  I took a podcast hiatus in January to focus on helping communities affected by Operation Metro Surge.  Today I share how my family and community has been...

27 Feb 51min

7MS #710: I'm Taking a Break

7MS #710: I'm Taking a Break

Hi friends, I'm going to be taking a break from producing podcast episodes, as well as content over at 7MinSec.club.  It's a temporary break, so please don't unsubscribe, unfollow, etc.  I need some e...

17 Jan 4min

7MS #709: Second Impressions of Twingate

7MS #709: Second Impressions of Twingate

Hey friends, in episode #649 I gave you my first impressions of Twingate.  It's been a minute, so I thought I'd revisit Twingate (specifically this awesome Twingate LXC) and talk about how we're using...

10 Jan 20min

7MS #708: Tales of Pentest Fail – Part 6

7MS #708: Tales of Pentest Fail – Part 6

After sharing a recent story about how a phishing campaign went south, I heard feedback from a lot of you.  You either commiserated with my story, told me I wussed out, and/or had a difficult story of...

2 Jan 25min

7MS #707: Our New Pentest Course Has Launched!

7MS #707: Our New Pentest Course Has Launched!

Today we're thrilled to announce the launch of LPLITE:GOAD (Light Pentest Live Interactive Training Experience: Game of Active Directory). The first class is coming up Tuesday, January 27 – Thursday, ...

26 Dec 202514min

7MS #706: Tales of Pentest Pwnage – Part 80

7MS #706: Tales of Pentest Pwnage – Part 80

I'm so excited to share today's tale of pentest pwnage, because it brings back to life a coercion technique I thought wouldn't work against Windows 11! Spoiler alert: check out rpc2efs, as well as the...

19 Dec 202529min

Populärt inom Politik & nyheter

svenska-fall
aftonbladet-krim
p3-krim
rss-krimstad
fordomspodden
rss-expressen-dok
flashback-forever
motiv
aftonbladet-daily
rss-sanning-konsekvens
spar
blenda-2
rss-vad-fan-hande
olyckan-inifran
svd-ledarredaktionen
rss-krimreportrarna
rss-frandfors-horna
dagens-eko
rss-flodet
kungligt