Posts Tagged - security

A Strict Firewall that Only Allows SSH

export SERVER_IP="x.x.x.x"

Flushing all rules

iptables -F

iptables -X

Setting default filter policy

iptables -P INPUT DROP

iptables -P OUTPUT DROP

iptables -P FORWARD DROP

Allow incoming and outgoing ssh only

iptables -A INPUT -p tcp -s 0/0 -d $SERVER_IP --sport 513:65535 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT

iptables -A OUTPUT -p tcp -s $SERVER_IP -d 0/0 --sport 22 --dport 513:65535 -m state --state ESTABLISHED -j ACCEPT

Make sure nothing comes or goes out

iptables -A INPUT -j DROP

iptables -A OUTPUT -j DROP

Save and load rules

iptables-save > /etc/iptables.rules

vim /etc/network/if-pre-up.d/iptablesload

#!/bin/sh
iptables-restore < /etc/iptables.rules
exit 0

vim /etc/network/if-post-down.d/iptablessave

#!/bin/sh
iptables-save -c > /etc/iptables.rules
if [ -f /etc/iptables.downrules ]; then
   iptables-restore < /etc/iptables.downrules
fi
exit 0

chmod +x /etc/network/if-post-down.d/iptablessave

chmod +x /etc/network/if-pre-up.d/iptablesload

Read More

ARP - MITM Detection Method

Sedikit tengan ARP

ARP merupakan protokol yang digunakan untuk memetakan alamat fisik (MAC) dan logika (IP). Proses pemetaan ini sering dimanfaatkan oleh penyerang dengan cara memalsukan isi dari peta (ARP table) tersebut sehingga ia dapat menguasai komunikasi yang bergantung pada isi dari peta tersebut (routing).

Berikut metode yang saya gunakan untuk mendeteksi proses pemalsuan tersebut.

Disini saya menggunakan TCP-Syn untuk memancing penyerang. Kenapa? Karena jika menggunakan protokol seperti ICMP maka penyerang bisa saja membuat firewall untuk mem-blok semua paket ICMP yang datang.

Dengan menggunakan TCP-Syn dengan port yang kita buat acak, pengerang tentu tidak dapat menebak port tersebut dan memblok nya.

Read More

RSA Small Key Problem

Given public key = (7, 33).

Find private key (d).

n = 33 (modulus)

e = 7 (exponent)

let’s factoring n

n = p * q

33 = ? * ?

floor(sqrt(n)) = floor(sqrt(33)) = 5

33 mod 5 = 3 « not 0

33 mod 4 = 1 « no need to test (except for 2 all other prime numbers are odd)

33 mod 3 = 0 « we got p = 3

p = 3

33 = 3 * ?

Read More

RSA Algorithm

Key Generation

  1. Generate two random primes, p and q, e.g p=3, q=11.

  2. Compute n = pq, n = 3 * 11 = 33.

  3. Compute phi = (p-1)(q-1) = (3-1)(11-1) = 20

  4. Choose an integer e, 1 < e < phi, such that gcd(e, phi) = 1, e.g e = 7, gcd(7, 20) = 1

  5. Compute the secret exponent d, 1 < d < phi, such that (e * d) mod phi = 1, (7 * d) mod 20 = 1, d = 3

Read More

Square and Multiply

11^37 = ?

37 = 100101 in binary

  • 1 -> first “One” lists number = 11

  • 0 -> square = (11)^2

  • 0 -> square = ((11)^2)^2

  • 1 -> square + multiply = (((11)^2)^2)^2*11

  • 0 -> square = ((((11)^2)^2)^2*11)^2

  • 1 -> square + multiply = (((((11)^2)^2)^2*11)^2)^2*11

Read More

Diffie Hellman MITM Attack

p = prime number (public)
g = modulus (public)

a = Alice private key (private)
b = Bob private key (private)

A = Alice public key (public)
B = Bob public ket = (public)

Sx = Shared key (public)

eA = Eve private key for Alice (private)
eB = Eve private key for Bob (private)
Ea = Spoofed Alice public key will sent to Bob (public)
Eb = Spoofed Bob public key will sent to Alice (public)

Read More