(Pen)Testing Toolkits: BackBox & Kali Linux

Yesterday, I was supposed to give a presentation at the Linux/Unix night in Amsterdam. Unfortunately, I was unable to get there due to public transportation problems.

However, I translated the slides into English, so if you'd like to see a comparison of two very popular (pen)testing toolkits, have a look. There's a Dutch version below.


For the Dutch edition, see this presentation

OpenBSD PF in QNX/IOS-XR?

In the slides of a BSDCon talk called 'Inspecting Packets with OpenBSD and pf' I found an interesting slide on PF being integrated into other operating systems, such as QNX.


I was a little shocked to read this at first. Cisco uses QNX as the base operating system for Cisco IOS-XR and, believe me, this software is going to be around for a while. Especially because of QNX's microkernel design, I believe this OS can become integrated on a massive scale.

I wanted to see for myself what QNX's firewall looks like. PF isn't named in the documentation, but to a PF user it's perfectly clear that what the QNX documentation calls 'IP Filter' is PF.

Last-match evaluation, where the last rule that matches a packet decides its fate unless an earlier matching rule is marked quick, isn't very common in firewall software. Anyway, I love it!
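To make the ordering semantics concrete, here is a small pf.conf fragment added as an example for this page (it is not from the talk or from the QNX documentation); the interface name, addresses and table contents are assumptions chosen for illustration:

```pf
# Added example, not from the original post. em0, 192.0.2.10 and 198.51.100.7
# are assumptions for illustration.
ext_if  = "em0"
web_srv = "192.0.2.10"
table <bad_hosts> persist { 198.51.100.7 }

# PF evaluates rules top to bottom and, unless a rule says "quick", the LAST
# matching rule decides what happens to the packet.

# 1. Default deny. It matches everything, so it only "wins" when nothing
#    below matches the packet.
block log all

# 2. Web traffic to the server: for a packet to port 80/443 this is a later
#    match than rule 1, so the packet is passed.
pass in on $ext_if proto tcp from any to $web_srv port { 80 443 }

# 3. Known-bad sources are dropped with "quick": when this rule matches,
#    evaluation stops here and rule 4 is never consulted.
block in log quick on $ext_if from <bad_hosts> to any

# 4. Rule appended later by someone else. For most sources it is the last
#    match for port 22 and therefore allows SSH; a host in <bad_hosts> never
#    reaches it because rule 3 already ended evaluation.
pass in on $ext_if proto tcp from any to $web_srv port 22
```

Without the quick on rule 3, a host in the table would be allowed to reach port 22 by rule 4, since rule 4 would then be the last match. Check a ruleset with `pfctl -nf pf.conf` before loading it, and read it back with `pfctl -sr`, which prints the rules in the order PF evaluates them.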

Now the question is whether the functionality of PF can be found in Cisco IOS-XR. Personally, I don't think so. The inner workings described in the documentation on the Virtual Firewall (VFW) software on a multiservice blade make it look much more like the Firewall Service Module (FWSM) and PIX OS than like anything BSD-like.

But in general, I like QNX already, and I think it's smart for Cisco to have its functionality running on top of this BSD-like operating system.

QNX might one day redefine the network operating system landscape.

Traffic engineering with MPLS

In case you're interested in routing technology, there's a set of books called the 'Distinguished Engineer Book Set' published by Wiley. The book on the right, called 'MPLS-Enabled Applications', is all about the roots of MPLS and current and upcoming traffic engineering features. It is a quick but relatively thorough update on what's happening.

It's quite a challenge if you're not yet familiar with technologies like RSVP and LDP and with designs that involve both. However, there's a shortcut to get up to speed with current technology before you move on to trends and upcoming technology.


If you haven't got the books or don't have the time to finish them, there's a way to get a summary view of traffic engineering with MPLS as it was in 2000 on YouTube (below). This helps to get up to speed with current developments.

If you have 3 hours and want an overview of early MPLS and traffic engineering, this video is worth it! I've read half of the book mentioned above and this video made reading the rest of it much easier.

The video contains a long presentation on the various topics, technologies and implementations, and there are lots of practical demos showing how it works. The best aspect of it is that Jeff Doyle and other speakers interact with Juniper's and Cisco's developers on the various implementations of these technologies.

Security configuration benchmarks – databases

I'm a big fan of security benchmarks for the configuration of infrastructure. They let you use the experience and knowledge of others and compare your own software configuration against a well-developed benchmark, saving time.

Center for Internet Security

The Center for Internet Security is a wonderful effort that has led to the development of tools, benchmarks and metrics on information security. Things that you can just download and use right away.

Not all benchmarks are up to date, and I hope the community will grow bigger and more active to save everybody time and effort in the long run. I will try to give a helping hand related to firewalls and other security appliances during the course of 2014.

Database benchmarks

In the Database section of the Security Configuration Benchmarks on the downloads page you can find benchmarks for the most widely used database engines, including:

  • IBM DB2
  • MSSQL (2008R2)
  • MySQL (5.1)
  • Oracle

A benchmark is essentially a checklist of important configuration options together with the recommended value for each, which is also how it looks when you open it.

You can mark the items that matter to you, compare the recommended values with your own configuration, discuss the gaps with senior engineers or management, and go from there.


Fortinet to support Hyper-V and KVM

Today, Fortinet posted an article on the technology and security features of Hyper-V. However, they didn't mention whether they would support the FortiGate appliance on this hypervisor.

I was wondering whether they would do this, so I googled it and came to realise that yesterday they announced future support for a virtual FortiGate on Hyper-V and KVM.

I'm glad to know that Fortinet will support these platforms in the future and is moving forward in the world of virtualized infrastructures.

Altering OpenBSD’s PF firewall configuration and testing for QA

Today we will be adding firewall rules to an OpenBSD system in a way that shows the process and the verification steps needed to implement firewall changes correctly and test them before closing the change request.

In short, we will check the configuration, add variables, make rules, verify, implement and test them.

Topology

20130720-225325.jpg

Here's our bridged firewall (no routing, no IP address of its own) filtering between a branch office and the corporate network.
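As an added illustration of that workflow (example configuration written for this page, not the ruleset from the post), here is a bridged-firewall pf.conf with the variables, the existing rule, the newly requested rule, and the verification commands as comments. The interface names, networks and the mail relay being opened up are assumptions:

```pf
# Added example, not the ruleset from the post. Interface names, networks and
# the mail relay address are assumptions for illustration.
branch_if  = "em0"              # bridge member facing the branch office
corp_if    = "em1"              # bridge member facing the corporate network
branch_net = "10.10.0.0/24"
corp_net   = "10.20.0.0/16"
corp_mail  = "10.20.5.25"       # corporate mail relay (target of the change request)

# The firewall is a transparent bridge: the bridge itself has no address, so
# filtering happens on the member interfaces. Floating states (the default)
# let a state created on $branch_if also match the same flow leaving on
# $corp_if, so only the "in" side needs explicit rules.
set state-policy floating
set skip on lo0

# Default deny, logged, so a missing rule shows up in pflog during testing
# instead of silently working or failing.
block log all

# Existing rule: branch workstations may reach corporate web servers.
pass in on $branch_if proto tcp from $branch_net to $corp_net port { 80 443 }

# Change request: allow the branch to submit mail to the corporate relay only,
# not to port 25 on the whole corporate network.
pass in on $branch_if proto tcp from $branch_net to $corp_mail port 25

# Verification steps for the change (run on the firewall):
#   pfctl -nf /etc/pf.conf        # parse only; catches typos before anything is loaded
#   pfctl -f /etc/pf.conf         # load the ruleset
#   pfctl -vsr                    # list rules with evaluation/packet counters
#   pfctl -ss | grep 10.20.5.25   # while testing from the branch: the state must appear
#   tcpdump -n -e -ttt -i pflog0  # anything still blocked during the test shows up here
```

The point of the counters and the state table is that "the rule is in the file" is not the same as "the rule is being hit": a test connection from the branch should increment the packet counter on the new rule and leave a state for 10.20.5.25, while pflog stays quiet for that flow. Only then is the request done.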

Continue reading

Connectivity & WiFi troubleshooting with Netsh in Windows

This is a short introduction to troubleshooting your wireless network connectivity and capabilities on a Windows machine using the CLI. There isn't an actual problem to solve; we'll just do some exploration.

We'll use the netsh shell, which is designed for scripting, to give you an idea of how useful these CLI capabilities on a Microsoft platform can be.

Continue reading

Exploit tutorial for beginners: Analysis & Exploitation

Exploring useful tools in BackBox Linux 3

In the previous articles, we have set up the requirements for this lab.

Now we’re ready to perform the analysis and exploitation.

Here's an overview of today's tutorial:

  • Start Metasploit Framework and connect to your database
  • Use nmap and auxiliary modules from msfconsole
  • Scan for vulnerabilities with the OpenVAS framework
  • Learn about and exploit the host with msfconsole
  • Explore basic post-exploitation tools

Continue reading

Exploit tutorial for beginners (PREREQUISITE): setup a Windows target

In the previous parts, we have set up and configured the latest BackBox Linux distribution on Windows 8. See also:

This article is a simple lab exercise meant to help beginning security analysts and system administrators understand some basic concepts of the analysis and exploitation of systems. Therefore, all steps are explained in great detail and aren't too interesting for experienced penetration testers.

Continue reading