firewalls – Page 7 – WindowsTechs.com

How outgoing tunnels are not stopped by AV or firewalls?

Posted on May 29, 2023 by Akam

How can an attacker with initial access to a server behind a firewall, which only has SSH, HTTPS, and HTTP ports open, maintain remote access to the server even after the SSH port is closed by the user on the firewall?

I have searched these questions and answers but none of them directly answering the question:

I knew its by implementing any kind of reverse shell, creating a tunnel that sending outbound connection to attacker server:
Why a tunnel – reverse shell not detected by Firewall or such Antivirus on the OS? until this point, I worked on many computers and tested if a tunnel works or not, none of them blocked me even with enterprise firewall and client security software.

Continue reading How outgoing tunnels are not stopped by AV or firewalls?→

Which IP address would be most safe and suitable to use as a placeholder in a live system?

Posted on May 25, 2023 by BadHorsie

Is there a best practice IP address that is safe to use as a placeholder in a live public system on the Internet?
e.g. In a similar capacity, the domain name example.com is reserved and can be safely used without risk of this becoming som… Continue reading Which IP address would be most safe and suitable to use as a placeholder in a live system?→

Hp laptop wont boot from dvd player [migrated]

Posted on May 23, 2023 by ArrowInTree

My laptop a hp-15dy2021nr will not boot off an external DVD player.

I have tried multiple dvds and multiple drives.i miss linux formats dvds .There is ‘moonbounce’ bios infection [[https://www.tomshardware.com/news/moonbounce-malware-hide… Continue reading Hp laptop wont boot from dvd player [migrated]→

Nuclei via Proxy – Burp Suite IP Rotate

Posted on May 18, 2023 by sikkoni yaruzo

I started using Burp’s IP Rotate when I do some tests. Some tools just straight give me firewall block. For example, when using nuclei (or some other tool for content discovery) and proxy to IP Rotate. Does this makes sense or should I do … Continue reading Nuclei via Proxy – Burp Suite IP Rotate→

What software to use for Network Behavior Analysis and as Intrusion Prevention system? [closed]

Posted on May 10, 2023 by Dinar

I need to know which software to use for that. I want to analyse my network traffic against DDoS.

Continue reading What software to use for Network Behavior Analysis and as Intrusion Prevention system? [closed]→

what means this log in my router nf_conntrack_sip: expect_rtp [closed]

Posted on May 6, 2023 by Marcelo Henrique Ribeiro

I found this log on my VIVO router:
May 2 13:06:43
PowerBoxGVT
warn
kernel
nf_conntrack_sip: expect_rtp 0.0.0.0:0->74.50.90.134:8000 109

This IP address is reported on abuseipdb. So it is a dangerous IP address. But my worry is if my … Continue reading what means this log in my router nf_conntrack_sip: expect_rtp [closed]→

Is it possible to provide Internet to prisoners without risks of them contacting victims or accomplices as a matter of policy?

Posted on May 5, 2023 by 7367363

By securely I mean without the risk of them committing cybercrimes or contacting victims or other people to commit more crimes ? I’ve read that even with firewalls a way around it could be found, especially if the allow list is large enoug… Continue reading Is it possible to provide Internet to prisoners without risks of them contacting victims or accomplices as a matter of policy?→

Why does the windows firewall allow apps to communicate through so many different ports and to so many different addresses?

Posted on May 4, 2023 by Joblesshuman

I looked at my default windows defender firewall on Windows 10 22H2, and most of the rules allow apps to communicate through any local port to any remote address and port. I have read other questions and answers but none seem to address th… Continue reading Why does the windows firewall allow apps to communicate through so many different ports and to so many different addresses?→

DOS UDP port scans in firewall logs

Posted on April 26, 2023 by Gino

For a few days, we are getting the following logs on our firewall (Vigor2926ac, up-to-date firmware)
The traffic suggests that it comes from Google / Microsoft datacenters, but that’s a bit odd that they are running port scans against us.
… Continue reading DOS UDP port scans in firewall logs→

nftables: usage ct label set in [migrated]

Posted on April 5, 2023 by user283584wc

Using in statefull mode, I collect information about the amount of packages/bytes from the rules and do not create the rules for returning packages because they are accepted based on the states stored in the conntrack "ct state establ… Continue reading nftables: usage ct label set in [migrated]→