EvilZone


: IPtables practice firewall
: lucid June 28, 2014, 11:43:26 PM
I'm looking to set up an iptables firewall. The purpose of this particular firewall is for testing. I'm not using this to secure my network. It's extremely frustrating to try to google for "firewalls for penetration practice" or something like that, because all you find is "impenetrable firewalls".

So I'm looking for ideas on a good realistic firewall ruleset that I can practice bypassing. Suggestions?
: Re: IPtables practice firewall
: iTpHo3NiX June 29, 2014, 12:04:47 AM
Why not search for setups that people will Google to employ and then set up your firewall that way? Since you know the ruleset you can attempt to break it.

https://www.digitalocean.com/community/tutorials/how-to-setup-a-basic-ip-tables-configuration-on-centos-6
: Re: IPtables practice firewall
: voodoo June 29, 2014, 12:14:31 AM
You can try starting with a simple stateful firewall.

Code:
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -p icmp -m icmp --icmp-type 8 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p udp -m conntrack --ctstate NEW -j UDP
-A INPUT -p tcp --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j TCP
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -j REJECT --reject-with icmp-proto-unreachable

Then modify it to suit your needs.  Allow some services through, implement some egress filtering.
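
To see how the ruleset above sorts traffic before loading it, here is an added example (not part of the original posts) that walks constructed packets through the nine INPUT rules in first-match order. The packet dictionaries are constructed, and the `open_ports` argument is a hypothetical stand-in for the TCP and UDP user chains, which the post references but does not show.

```python
import shlex
# The nine INPUT rules from the post above, in iptables-save syntax.
RULES = """\
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -p icmp -m icmp --icmp-type 8 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p udp -m conntrack --ctstate NEW -j UDP
-A INPUT -p tcp --tcp-flags FIN,SYN,RST,ACK SYN -m conntrack --ctstate NEW -j TCP
-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -j REJECT --reject-with icmp-proto-unreachable
"""

def parse(line):
    """Split one rule into {option: [values]}."""
    opts, key = {}, None
    for tok in shlex.split(line):
        if tok.startswith("-"):
            key = tok
            opts[key] = []
        else:
            opts[key].append(tok)
    return opts

def matches(o, p):
    """True if constructed packet p satisfies every match in rule o."""
    for opt, field in (("-i", "iface"), ("-p", "proto"), ("--icmp-type", "icmp_type")):
        if opt in o and o[opt][0] != str(p.get(field)):
            return False
    if "--ctstate" in o and p["ctstate"] not in o["--ctstate"][0].split(","):
        return False
    if "--tcp-flags" in o:  # --tcp-flags <mask> <comp>: flags within mask must equal comp
        mask, comp = (set(v.split(",")) for v in o["--tcp-flags"])
        return p.get("flags", set()) & mask == comp
    return True

def verdict(p, open_ports=None):
    """First-match walk of INPUT for constructed packet p."""
    for o in map(parse, RULES.splitlines()):
        if not matches(o, p):
            continue
        target = o["-j"][0]
        if target in ("ACCEPT", "DROP", "REJECT"):
            return " ".join([target] + o.get("--reject-with", []))
        # Assumption: user chains TCP/UDP modelled as accepted ports, e.g. {"TCP": {22}}.
        if p.get("dport") in (open_ports or {}).get(target, ()):
            return "ACCEPT"
    return "POLICY"  # nothing matched; the chain policy would apply
```

With `{"TCP": {22}}` a NEW SYN to port 22 is accepted, while a NEW packet carrying only ACK never reaches the TCP chain and gets the tcp-reset reject, which is the behaviour the `--tcp-flags` match is there to enforce.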
: Re: IPtables practice firewall
: lucid July 10, 2014, 04:01:45 AM
I guess this was kind of a low quality post, as the answer is obvious. Thanks for the responses regardless. My bad for the dumb question. I've built a simple stateful firewall of my own and am going to do exactly as recommended.

Thanks.
: Re: IPtables practice firewall
: lucid July 10, 2014, 04:35:11 AM
Interestingly enough I had recently set up my Arch box as a gateway for a bunch of VMs. So I'm sort of already doing exactly that. I will look into smoothwall though, thanks.
: Re: IPtables practice firewall
: voodoo July 11, 2014, 06:17:43 AM
There is also shorewall which is actually something we use occasionally in enterprise solutions.

Code:
www.shorewall.net
: Re: IPtables practice firewall
: lucid July 12, 2014, 09:33:00 AM
Set up and configured Smoothwall on a VM as a gateway for the host computer.. and soon other VMs. Thanks for the suggestion. Will post if anything interesting and worth discussing happens.  :P
: Re: IPtables practice firewall
: proxx July 16, 2014, 09:09:07 AM

@Lucid
https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html

^
Best tutorial on the webs :D
: Re: IPtables practice firewall
: lucid July 16, 2014, 06:00:52 PM
Thanks buddy  ;D