Pentester's Promiscuous Notebook
BlogGitHubTwitter
Search…
README
⚒️ Pentest
C2
Infrastructure
Misc
OSINT
Password Brute Force
Perimeter
Shells
Web
Wi-Fi
⚔️ Red Team
Basics
Cobalt Strike
Infrastructure
Malware Development
SE
⚙️ Admin
Git
Linux
Networking
DHCP Server & Linux Hotspot
Quick Configurations
Routing
Virtualization
Windows
Powered By GitBook
Networking

Log Connections

tcpdump/tshark

Register ICMP replies from 10.10.13.38:
$ sudo tcpdump -n -i tun0 -XSs 0 'src 10.10.13.38 and icmp[icmptype]==8'

iptables

Add rule to register new (does not watch for related, established) connections to your machine:
$ sudo iptables -A INPUT -p tcp -m state --state NEW -j LOG --log-prefix "IPTables New-Connection: " -i tun0
Check the logs:
$ sudo grep IPTables /var/log/messages
Delete rule:
$ sudo iptables -D INPUT -p tcp -m state --state NEW -j LOG --log-prefix "IPTables New-Connection: " -i tun0

Tools

dhclient

Release the current lease on eth0 and obtain a fresh IP via DHCP in Linux:
$ sudo dhclient -v -r eth0
$ sudo dhclient -v eth0

iptables

List rules in all chains (default table is filter, there are mangle, nat and raw tables beside it):
$ sudo iptables -L -n --line-numbers [-t filter]
Print rules for all chains (for a specific chains):
$ sudo iptables -S [INPUT [1]]

fail2ban

  • /etc/fail2ban/filter.d - filters which turn into user-defined fail2ban iptables rules (automatically).
Status:
$ sudo service fail2ban status
$ sudo fail2ban-client status
$ sudo fail2ban-client status sshd
Unban:
$ sudo fail2ban-client unban --all
$ sudo fail2ban-client set sshd unbanip <IP>

OpenVPN

Previous
Kali
Next
DHCP Server & Linux Hotspot
Last modified 6mo ago
Copy link
Outline
Log Connections
tcpdump/tshark
iptables
Tools
dhclient
iptables
fail2ban
OpenVPN