-
Notifications
You must be signed in to change notification settings - Fork 1
/
LDAP.startup
37 lines (22 loc) · 1.31 KB
/
LDAP.startup
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# Internal LDAP Server.
ifconfig eth0 10.0.11.2/30
# Default to the Gateway LDAP.
route add default gw 10.0.11.1
while true; do nc -lvp 389;done &
while true; do nc -ulvp 389;done &
# One of the following ports is used for
# port knocking, the rest are for misdirection.
while true; do nc -lvp 1887; done &
while true; do nc -lvp 22456; done &
while true; do nc -lvp 38964; done &
/etc/init.d/ssh start
# Port Knocking to 1887 and within 45 seconds ssh through the unconventional port 36747.
# Useful Commands:
# 1) The server should first have a root password set using the command: "passwd".
# 2) Knock the port 1887 using: "nmap -Pn --max-retries 0 -p 1887 10.0.11.2". Netcat can be used too.
# 3) Within 45 seconds, perform the following command from admin: "ssh -p 36747 [email protected]".
iptables -A INPUT -s 10.0.13.0/30 -p tcp --syn --dport 1887 -m comment --comment "Portknock sequence" -m recent --set --name portknock
iptables -A INPUT -s 10.0.13.0/30 -p tcp --syn --dport 36747 -m recent --rcheck --seconds 45 --name portknock -m conntrack --ctstate NEW -m comment --comment "SSH Unconventional Port" -j ACCEPT
iptables -A INPUT -p tcp --syn --dport 36747 -m comment --comment "Restrics connections without first portknocking" -j DROP
# Acts as a remote log server for the firewall logs.
service rsyslog restart