ProPatriot - Using Cisco Tools and Hardening and Security Techniques¶

Using Cisco Packet Tracer Software (Cisco Tools)¶

★Core Knowledge★ - What is Cisco Packet Tracer? (8.1.1)

★Core Knowledge★ - Cisco Packet Tracer is a cross-platform visual simulation tool that allows users to create network topologies and imitate modern computer networks. The software allows users to simulate the configuration of Cisco routers and switches using a simulated command line interface.

Note
When dealing with networking devices, there are three planes: the management, control, and data planes.


Useful Cisco Packet Tracer IOS CLI Commands
Mode | Symbol | Access | Prompt | Exit |
---|---|---|---|---|
User EXEC | > | Default after booting | Router> | exit |
Privileged EXEC | # | enable command from User EXEC | Router# | exit |
Global Configuration | (config)# | configure terminal command from Privileged EXEC | Router(config)# | exit or Ctrl+Z |
Interface Configuration | (config-if)# | interface <interface name+number> command from Global Configuration | Router(config-if)# | exit |
ROMMON | ROMMON> | reload command from Privileged EXEC or pressing Ctrl+C during boot | ROMMON> | exit (limited functionality) |

Management Plane - The connection between the workstation and the device, where the administrator monitors and configures services.
Protocols - Telnet, NTP, Secure FTP, SNMP, and SSH; we work with the management plane either in-band, using a shared management interface, or out-of-band.
Data Plane or Forwarding Plane - The actual movement of data, based on what the device learned from the control plane; it processes and moves user traffic.
Service Plane - A subset of data plane traffic that requires high-touch handling by the device.
Control Plane - Routing protocols and routers that talk with one another; this is where the device learns what action to take on the data. No data moves until the control plane makes a decision on the best path to deliver the data.

A little analogy of routers and switches
What is a switch? A switch is like a local post office in your city. This local post office sends your envelope to another house (or any destination) within the city; it can only send envelopes locally. A router is like a centralized post office that knows how to connect one local post office to another. Say you want to send an envelope to somebody in New York and you’re in Los Angeles. Your local post office in Los Angeles (LA PO) doesn’t know how to get that envelope to that person in NY, so the LA PO contacts the centralized post office, which sends the envelope to the NY PO. The NY PO knows the exact location of that person, and the envelope is delivered!
Penetration and Vulnerability Testing Using Burp Suite¶
Core Knowledge: Burp Suite is a powerful tool that many penetration testers use professionally. Learning how to use these tools effectively can help make sure that the applications you are using are strong and secure against all sorts of malicious attacks. The Burp Suite Community Edition has far fewer features than the Professional and Enterprise versions, but it’s good enough that, if you master the Community Edition, you have gained a powerful set of skills.


O&O ShutUp10++ - A Way of Hardening Windows OS¶
If you would like to block Windows’s suspect spyware, then definitely use this software. It also works for Windows 11, just in case you made the big mistake of “upgrading” to 11 or higher.

There are so many settings that help you increase your privacy, security, and Quality of Life (QOL).

For example, you can eliminate the Windows advertising ID, stop clipboard data from being sent to Windows’s servers, and turn off other weird stuff.
Chris Titus Tech’s Windows Utility¶
Source: https://christitus.com/windows-tool/
NextDNS - The new firewall for the modern Internet¶
Source: https://nextdns.io/
Similar to Safing Portmaster, this DNS firewall will allow you to do the same things, and even add custom blocklists and manage all your devices through a central hub with a beautiful web UI.
Note: Read the documentation carefully and make sure you don’t have two DNS providers running at the same time.

Safing Portmaster - An Easy To Use Firewall For Your Computer¶
Source: https://safing.io/
If you would like to block all incoming connections on your computer, and any unnecessary programs pinging the outside world, this is a fantastic piece of software.
All you need to do is flick the switch and all those nasty connections coming from Adobe Creative Cloud are gone.

Security and Hardening with Ubuntu Linux OS¶
Recover Ubuntu Password
There are times when we create a new Ubuntu machine and just forget the password. Instead of spending all of that time doing the guessing game, you can easily make a new password and recover your machine in just a couple minutes.
Source: https://itsfoss.com/how-to-hack-ubuntu-password/
Disable Ubuntu Recovery Password
After performing the password recovery on Ubuntu, you can probably tell it’s a huge security vulnerability if someone physically gets your computer and wants to access everything inside. To protect yourself from this threat, all you have to do is delete one line in your configuration files and change your GRUB menu password.
Sources: https://askubuntu.com/questions/321115/how-to-remove-password-recovery-reset
https://askubuntu.com/questions/248196/how-to-password-protect-grub-menu-entry
Tip: If a physical security threat is a concern, you should really consider encrypting the device from the start.
Disabling Root Access
While the average user can use Linux without ever using the terminal, it is nevertheless a powerful tool that can grant attackers full access to a computer. Linux is a command-heavy operating system. “Root access”, in Linux, refers to the unrestricted power to execute any command. It can’t be safely removed, because it often comes in handy, but root access can always be guarded by a password.

To lock root access behind a password, open the terminal and enter “sudo -i”. When the next line, a # prompt, appears, enter “passwd”. This will give you the prompt for setting a root password.
Installing SSH on Ubuntu: Just type the following apt command/apt-get command:
Hint
Disable root Login: This configuration will limit SSH only to users other than root.
PermitRootLogin no
Allow Specific Users: This line will allow you to specify which users can log into the SSH service:
AllowUsers accountName
Change Default Port From 22: This line will specify which port to host the SSH service on.
Port 22222
Disable Empty Passwords: This line ensures that no users can login with an empty password.
PermitEmptyPasswords no
Restart Service: As always, after making changes to a service, be sure to restart it!
service ssh restart
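
Added example, not part of the original page: a small shell audit that checks an sshd_config-style file against the four settings above. It assumes the settings live in the OpenSSH server configuration file (normally /etc/ssh/sshd_config); the function names and both sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an sshd_config-style file against the four settings above.
# Assumes whitespace-separated "Keyword value" lines ("Keyword=value" is not handled).

# Print every global value of a keyword, lowercased, one per line.
# Keywords are case-insensitive; parsing stops at the first Match block.
values_of() {   # usage: values_of <keyword> <file>
  awk -v key="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
    $1 ~ /^#/              { next }   # skip comment lines
    tolower($1) == "match" { exit }
    tolower($1) == key     { print tolower($2) }
  ' "$2"
}

# Print one line per finding; print nothing when all four settings hold.
audit_sshd_config() {   # usage: audit_sshd_config <file>
  f="$1"
  # sshd keeps the FIRST value it reads for these keywords.
  v=$(values_of PermitRootLogin "$f" | head -n 1)
  [ "$v" = "no" ] || echo "PermitRootLogin: effective value '${v:-unset}', want 'no'"
  v=$(values_of PermitEmptyPasswords "$f" | head -n 1)
  [ "$v" = "no" ] || echo "PermitEmptyPasswords: effective value '${v:-unset}', want 'no'"
  # Port may be repeated and sshd listens on every one; unset means 22.
  ports=$(values_of Port "$f")
  if [ -z "$ports" ] || printf '%s\n' "$ports" | grep -qx 22; then
    echo "Port: sshd still listens on 22"
  fi
  [ -n "$(values_of AllowUsers "$f")" ] || echo "AllowUsers: not set, no per-user restriction"
  return 0
}

# Constructed sample files (not real system configs).
SAMPLE_DIR=$(mktemp -d)
WEAK_CFG="$SAMPLE_DIR/appended.conf"
HARDENED_CFG="$SAMPLE_DIR/hardened.conf"
cat > "$WEAK_CFG" <<'EOF'
# hardening lines were appended below existing settings
Port 22
PermitRootLogin yes
PermitEmptyPasswords no
Port 22222
PermitRootLogin no
AllowUsers accountName
EOF
printf '%s\n' 'PermitRootLogin no' 'AllowUsers accountName' \
  'Port 22222' 'PermitEmptyPasswords no' > "$HARDENED_CFG"
echo "== appended.conf ==";  audit_sshd_config "$WEAK_CFG"
echo "== hardened.conf =="; audit_sshd_config "$HARDENED_CFG"
```

Before restarting the service, `sshd -t` checks the configuration for syntax errors and `sshd -T` prints the effective settings.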
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems
Source: https://github.com/CISOfy/lynis
BONUS: Using RKHunter - The Rootkit Hunter project


The package “rkhunter” is useful for doing a quick scan of your system for any known rootkits:
apt-get install rkhunter
rkhunter -c
CyberVideo: Best Hacking Operating System! (Courtesy: zSecurity)
Hardened Debian GNU/Linux distro auditing¶
https://github.com/hardenedlinux/harbian-audit
Hardened Debian GNU/Linux and CentOS 8 distro auditing.
The main test environments are Debian GNU/Linux 9/10/11/12, CentOS 8 and Ubuntu 22; other versions are not fully tested. There are no implementations of desktop-related items in this release.
The code framework is based on the OVH-debian-cis project. Some of the original implementations were modified according to the features of Debian 9/10/11/12 and CentOS 8; check items for STIG Red_Hat_Enterprise_Linux_7_V2R5, STIG Ubuntu V1R2 and cisecurity.org recommendations were added and implemented, along with some check items from the HardenedLinux community. The audit and apply functions of the infrastructure are implemented, and the automatic fix function is implemented for the items that can be automatically fixed.
What is Kali Linux? - Detailed Computer Penetration Testing (Setup Image Guide)¶
Core Knowledge: Kali Linux (formerly known as BackTrack Linux) is an open-source, Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali Linux contains several hundred tools targeted toward various information security tasks, such as Penetration Testing, Security Research, Computer Forensics, and Reverse Engineering. Kali Linux is a multi-platform solution, accessible and freely available to information security professionals and hobbyists.
Kali Linux was released on the 13th March 2013 as a complete, top-to-bottom rebuild of BackTrack Linux, adhering completely to Debian development standards.

Kali Features include:
More than 600 penetration testing tools
Free to download
Open-source Git tree
File System Hierarchy Standard
Wide-ranging wireless device support
Custom kernel, patched for injection
Developed in a secure environment
GPG signed packages and repositories
Multi-language support
Completely customizable
ARMEL and ARMHF support

The site is also well organized, to help with using Kali on any compatible computer. There are also helpful “Help” forums and FAQs to troubleshoot possible issues.
Wifite: A Network Cracking Tool
Kali Linux includes many tools, one of which is Wifite. This tool allows a range of attacks to audit the security of a WiFi network. It is a lesson for all users to have a complex password, because all it takes to get onto the network is a single command.
How to Set Up Kali Linux OS (Virtual Box)¶
Step 1: Open Oracle Virtual Machine and install Kali Linux (Easy Image Guide)

TryHackMe – Website for Learning Cyber Security¶

Core Knowledge: TryHackMe is a CTF website that uses an interactive virtual lab to teach cybersecurity. Whether you are an expert or a beginner, you will learn about theoretical and practical security features using a virtual room architecture. It’s an intuitive cybersecurity tool that tests individuals in a range of virtual machine rooms, where they find solutions to computer security issues and capture or defend computer systems.

Once you create a FREE account on the website, you will be able to choose from 3 learning paths. I went ahead and chose the first, which is the basics of hacking for newcomers. I’ve found that most of the content on the website is free so far.


The website will provide you with a live Ubuntu virtual machine and easy-to-follow steps on the side to accompany the hacking demonstration. In this lesson, you learn how to hack a dummy bank account website to explore its hidden directories.

As you can see, I successfully initiated a bank transfer from the dummy user’s account. This website also has an Android application that allows you to practice hacking on the go. This short example basically shows how easy it can be for a hacker to gather personal information.
ProPatriot CyberQuiz (Beta)¶
ProPatriot CyberVideos¶

This section is based on material introduced in this difficulty of the website. These videos provide interesting in-depth tutorials and summaries of the material described above. Please note that video material is subject to change.