More Firewall rules and VNC access to your Kali Linux
Goal
- First we are going to setup your Kali linux to allow SSH and VNC - your final goal is to show a VNC login from your Windows 10 Box.
Understand Firewall rules and how they are processed on pfSense
- Explore the metasploitable box and see what ports are open on it. This will involve a bit of work relating to nmap. Goal is to list all open ports and the common programs that run on those ports.
Lab Guide
There will be a lecture and demo of firewall rules.
First we are going to setup
- Install the openssh-server on kali (you know how, I shouldn't have to tell you)
- Make sure the service always starts on a reboot (ditto here, hint update-rc.d)
- Can you login over ssh with root? Ok, then add yourself
- Don't forget to add yourself to the right group (hint: usermod will do that for you).
- Now you should be able to login from your Windows 10 machine (using putty, did you install that yet?) and sudo su|bash or whatever you want to use to become root! And you don't ever need that crazy IE for this either.
- Now that you are root, why not take this opportunity to update|upgrade your system.
- This is not as easy as it may sound. You should know to do a apt-get update, apt-get upgrade, apt-get dist-upgrade, and now full-upgrade. BUT THIS MAY NOT WORK HERE! Why? Because you are installing software that will set off all sorts of alarms in most security suites.
- Solution? I had to use a SOCKS proxy to end around this. You all should collaborate to see if you can find a solution. I've given you a hint, here is another. There are only a couple of .deb files that will fail so you could just download them through another means (again, the means I used was a SOCKS proxy).
- Make sure you have updated your Windows 10, and Windows 2016 machines too.
- Since the most important step in security is to make sure your machines are up-to-date...
- Update all machines except metasploitable 3.
- Make sure that all machines will continue to update on a regular bases.
- Finally, I want to have a remote desktop ability. RDP+VNC.
I had to remove Gnome 3 and install mate. With directions here.
In-Progress!
Let's install the "vino" vnc server. (Follow your favorite tutorial
- I also had to install dconf-editor