Set up a BackTrack system that is accessible over the internet from the
phone in my pocket. What can I say? I like to practice my Metasploit
syntax while waiting in the doctor's office.
Note: sample configuration files will be in the Speaker Notes where appropriate.
First, you will need BackTrack
This is also where you can download the latest release. Make sure you download the one
for VMWare. (I know. I know. It doesn't really matter for you hardcore geeks)
Why VMWare?
Extract the BackTrack files and open up the one with the ".vmx"
extension.
passwd
Configure the local firewall
We want to set up the BackTrack firewall to block all but
necessary traffic. You will need to decide now which ports you
are going to use for port knocking and ssh. In this example we
will use the following:
/etc/init.d/networking start
Now that we have internet access, it's a good time to get the
OS up to date.
apt-get -y update
apt-get -y upgrade
apt-get clean
Enable and configure SSH
SSH will be your primary access to BackTrack. Luckily most of the tools you will
use in BackTrack are run from command-line anyway.
Edit the config file to change the default SSH port.
vi /etc/ssh/sshd_config*
BackTrack will start with all ports closed. After you send it a
special sequence of packets, the port knock server will issue a
command to open the ssh port. After you are finished using
ssh, you send it a different sequence to close the port again.
http://www.zeroflux.org/projects/knock
http://www.portknocking.org/
Port Knocking install and configuration
To install knockd:
apt-get install knockd
Edit the config file to set up the ports you want to use:
vi /etc/knockd.conf
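A sample knockd.conf for the open/close scheme described above, written by a small shell script that also checks it. This is an added example, not the presentation's own configuration: the SSH port (2222), the knock sequences and the two function names are constructed placeholders.

```shell
# Added example, not from the original slides. Port 2222 and the knock
# sequences used below are constructed placeholders; choose your own.

# write_knockd_conf FILE SSH_PORT OPEN_SEQ CLOSE_SEQ: write a two-stanza config.
write_knockd_conf() {
    cat > "$1" <<EOF
[options]
    UseSyslog

[openSSH]
    sequence    = $3
    seq_timeout = 10
    tcpflags    = syn
    command     = /sbin/iptables -I INPUT -s %IP% -p tcp --dport $2 -j ACCEPT

[closeSSH]
    sequence    = $4
    seq_timeout = 10
    tcpflags    = syn
    command     = /sbin/iptables -D INPUT -s %IP% -p tcp --dport $2 -j ACCEPT
EOF
}

# check_knockd_conf FILE SSH_PORT: print each problem, return non-zero if any.
#  - a sequence shorter than three ports, or one that includes the SSH port
#  - a command that is not limited to the knocking host with "-s %IP%"
check_knockd_conf() {
    awk -v ssh="$2" '
        /^[ \t]*sequence/ {
            sub(/^[^=]*=/, ""); gsub(/[ \t]/, "")
            n = split($0, port, ",")
            if (n < 3) { print "sequence too short: " $0; bad = 1 }
            for (i = 1; i <= n; i++) {
                sub(/:.*/, "", port[i])      # drop a :tcp or :udp suffix
                if (port[i] == ssh) { print "sequence uses the SSH port"; bad = 1 }
            }
        }
        /^[ \t]*(start_|stop_)?command/ && !/-s %IP%/ {
            print "command not limited to %IP%: " $0; bad = 1
        }
        END { exit bad }
    ' "$1"
}

# Demo: write the sample config to a temporary file, check it, and show it.
conf=$(mktemp); write_knockd_conf "$conf" 2222 7000,8000,9000 9000,8000,7000
check_knockd_conf "$conf" 2222 && cat "$conf"; rm -f "$conf"
```

Copy the printed stanzas into /etc/knockd.conf and restart knockd. The -I/-D pair means the close sequence removes exactly the rule the open sequence inserted, and "-s %IP%" keeps the SSH port closed to every host except the one that knocked.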
vncserver
http://www.dyndns.com/services/dns/dyndns/
http://www.no-ip.com/
Configure your Internet router
Your internet or wireless router will need to be configured to
forward external ports for both SSH and port knocking to the
BackTrack system. This setting is usually available in your router's
administration interface.
Client side
That is it for the server. You now have it configured for port
knocking, ssh, vnc and remote access over the internet.
Now it's time to configure the client. You will need two clients.
One for port knocking and one for ssh/vnc.
My examples will be for the iPhone, but most smart phones will
have these types of clients available. Links for Android clients
are listed later.
iPhone: Install and configure KnockOnD
I chose KnockOnD as my port knocking client, mainly because
it's free, ad-free and it works.
http://bluezbox.com/knockond.html
iPhone: Install and configure iSSH
iSSH is not free. As of this writing it's about $10 USD. But it has
benefits that the others do not have, not the least of which is
that it allows for tunneling VNC.
http://www.zinger-soft.com/iSSH_features.html
Android clients
For ssh/vnc use ConnectBot
Amaze yer friends with your incredible 500P3R L337 H4X0R skills
Troubleshooting
Flush all iptables rules
/sbin/iptables --policy INPUT ACCEPT
/sbin/iptables --policy OUTPUT ACCEPT
/sbin/iptables --policy FORWARD ACCEPT
/sbin/iptables -F
Verify iptables
iptables -L -n
Kill processes
killall knockd
killall sshd
vncserver -kill :1
Advanced: SSH Certificate Authentication
Server setup
I hope you found this useful. The original version of this presentation can be
found at:
https://docs.google.com/present/view?id=djjg73z_45k2rdzkzt