Lab 03 - More Firewall rules and Remote access to your VMs

Goal

Setup rdp backdoors to your Windows 2019 and ubuntu machines on pfsense using NAT
Setup ssh keys on github and use them to access your ubuntu, and kali machines. Again, setup backdoors using NAT
Setup xrdp for kali (that way you can access it without having to use the SCVMM tool.
Understand Firewall rules and how they are processed on pfSense

Lab Guide

There will be a lecture and demo of firewall rules.

First we are going to setup

Install the openssh-server on kali (you know how, I shouldn't have to tell you), it should already be installed on your ubuntu server.
Create a public key private key pair and post your public key on git hub (see: https://help.github.com/articles/connecting-to-github-with-ssh/ or SshKeys). Once you have your public key posted on github others can access it via: "github.com/username.keys" You can use that to your advantage when installing the keys. I use wget to get the keys from github when I need them.
Make sure the open ssh service always starts on a reboot of kali (ditto here, hint systemctl enable ssh)
1. Can you login over ssh with root? Ok, then add yourself
2. Don't forget to add yourself to the right group (hint: usermod will do that for you).
3. Now you should be able to login from your Ubuntu Windows and sudo su|bash or whatever you want to use to become root! And you don't ever need that crazy GUI for this either.
Now that you are root, take this opportunity to update|upgrade your systems. (As of 2021, I was able to # apt install kali-linux-default #without setting off any alarms, then I updated without problems)
1. This is not as easy as it may sound for kali. You should know to do a apt-get update, apt-get upgrade, apt-get dist-upgrade, and now full-upgrade. BUT THIS MAY NOT WORK HERE! Why? Because you are installing software that will set off all sorts of alarms in most security suites. So you may have trouble with your kali update.
2. Solution? I had to use a SOCKS proxy to end around this. You all should collaborate to see if you can find a solution. I've given you a hint, here is another. There are only a couple of .deb files that will fail so you could just download them through another means (again, the means I used was a SOCKS proxy).
Make sure you have updated your Windows machine(s) too.
Since the most important step in security is to make sure your machines are up-to-date...
1. Update all machines except metasploitable 3.
  - Hint if you your having trouble updating pfSense from the Website, try the following:
    1. Check the networking
    2. Login to pfSense and do an upgrade from the commandline. # sudo pfSense-upgrade -d
2. Make sure that all machines will continue to update on a regular bases.
Install xrdp on kali (I'm assuming your ubuntu we already has this).
Install NAT rules to allow you to ssh into your linux machines and rdp into your windows machines (if you haven't already done this). You can use any port you like to forward to your internal machines (which should all have static IPs of course)

Show me

Show me that you can login to each of the following machines from the lab network and that you have installed all updates except on Metasploitable 3!
1. Window Server
2. Kali
3. Ubuntu 18.04
Show me that pfSense is up-to-date via the website.
Show me that you can login to kali via ssh and rdp.
Show me that you can rdp into your Ubuntu VM directly from outside your firewall (yes this is a back door)
Show me that you can ssh into your linux machines using your public key from outside your firewall (yes these are back doors)