Firewall Pentest Lab Setup with pfsense in VMware

Firewall: It is a computer system or network that is designed to block unauthorized access while permitting outward communication. Firewall holds a lot of importance our technical world as it assures our system’s as well as data’s security. And a firewall in a network helps us to secure the whole network. It acts as a network security device that grants or rejects network access to traffic flows between untrusted zones. Thus, importance of Firewall.

To secure a network we should always use a third party firewall instead of windows own firewall as it make configuration of all network easy and in one system only. If you will use windows own firewall you have to configure if PC by PC which will take a lot of your time.

Setting up a firewall can be complicating. Therefore in this article we will learn how to set up a firewall using PFSense. By setting this firewall we will create a wall between our networks which will delude our network into two parts i.e External network and internal network.

You can download ISO image for PFSenese from here:

Now that you have ISO image, setup PFSense in your virtual machine just like you setup your windows and turn its power on and PFSense will open:

And it will boot itself automatically in few seconds:

Once it’s rebooted, select accept these Settings.

From the next dialogues box select Quick/Easy Install.

When you click on ok it will allow installation process to begin without asking unnecessary questions:

And the installation begins:

Now for installing custom configuration select Standard Kernel option.

And it will start installing:

Now, select Reboot option so that the firewall can start.

Thus, rebooting will begin.

After the rebooting process, it will ask you if you want to setup VLAN’s. Here just type n for no and hit enter.

Now it will ask you to name WAN and LAN interface. Give le0 name to WAN and le1 to LAN. Then just hit enter when it asks you to name optional interface.

It will show you the interfaces and their name now and will require your permission to proceed. Press y for yes as you are permitting it to proceed.

Now, in the following image you can see that it has automatically taken IP address for WAN i.e 192.168.1.7, if you wish to set a desired IP for WAN then choose 2 option and press 1 for the configuration of WAN.

It will ask you that if you want to assign IPv4 IP address. Here, press n for no. When you hit enter it will ask you if you want to assign IPv4 IP address. Here, enter your desired IP address and press enter. Then it will ask you to give subnet mask for the IP address that you have just entered. Now as our IP address was of C-class we will give 24 as subnet mask. After hitting enter it will ask you if you u want to give upstream gateway. Here, just press enter. And when it asks you to set IPv6 via DHCP6 then simply press enter without typing anything else as we do not require IPv6. And when it asks you for HTTP web configuration press n for no.

You can see that your desired IP for WAN has been set up. Hit enter to continue.

Similarly, you can setup LAN IP address by selecting of 2 for assigning IP address and select 2 for LAN.

Just like before, it will ask you for the IP address of LAN and so you enter your LAN IP address. And then it will ask you for subnet mask, here we have given subnet mask of 8 as our IP is of A-class. Just hit enter when it asks you to enter upstream gateway. And also hit enter when it asks you to enter IPv6 as we do not require it. And then press y for HTTP revert option.

And just like this, your LAN IP address has been set up. Now, press enter to continue.

Now to check that your firewall has been configured properly, let’s ping an IP address. Select option 7 and enter the IP address you want to ping. If it successfully pings that means your firewall has been configured successfully. And you can press enter to continue.

Author: Yashika Dhir is a passionate Researcher and Technical Writer at Hacking Articles. She is a hacking enthusiast.

Proxy Server Lab Setup using Wingate (Part 2)

Digital era allows company to work securely and much efficiently. For doing so software’s and hardware’s play a major role. Today, it is nearly impossible to work without technology. And we all know that when something has advantages then it comes with disadvantages too. For instance you run a company or institute or even college. And you want to make sure that your employees or students are doing nothing but their work, so, how will know that? You can never know what someone is doing on their computer whether they are searching for inappropriate data or are playing a game or downloading a virus. Not even router helps us monitor all the devices connected to our network. so, in this case you can setup a Proxy Server.

First of all, connect both of your LAN cards to your computer. Once the LAN cards are connected, all you need to know is the IP address of second network which it will configure automatically.

Now, open WinGate to its Welcome panel by right clicking on its hidden icon on the task bar and selecting WinGate management option.

Now, go to your client computer, i.e the computer whose proxy you want to setup, and right click on network adaptor icon (it is present on the right-hand-side of the task bar) and open network sharing dailogue box.

Now, open the Local Area Connection. The following window will open.

Now to go properties and the following windows will open.

Now select Internet Protocol Version 4 (TCP/IPv4) and click on properties and the following windows will open. Select Use the following IP address automatically in the said window. Here, give IP address of the series ahead of the IP address of the second LAN card’s IP address along with subnet mask. In Default Gateway option, give the IP address of second LAN card.

Now, select Use the following DNS server automatically and give 8.8.8.8 as DNS address. Then click on OK.

Open web browser in your client computer, go to settings, open LAN settings and give the Defualt Gateway’s IP address. After doing so, all the traffic from the client’s computer will go through the proxy server and so; one will be able to monitor it.

Now that your web proxy is all setup go back to your proxy server (the computer in which you installed WinGate). Open WinGate, choose Network Connections from Control Panel. You will see two options.

Out of these two options right click on the option with the router’s IP (first LAN card’s IP) and select Edit Option. And then select an external untrusted network and click on OK as show:

After clicking on OK the settings will change and you will be able to differentiate between external and internal network as:

If you want that any time your client computer opens a browser then they should enter a username and password to access the internet then all you have to do is go to Users and Groups.

Right click on the screen and select create user option. There give name and description (optional)

After giving name click on Next, give Account name and select Account locked option and again click on Next.

Now it will ask for a password. Enter your password and click on Finish.

By doing so, It will show you the entire user you just created.

Author: Yashika Dhir is a passionate Researcher and Technical Writer at Hacking Articles. She is a hacking enthusiast.

Wifi Penetration Testing in Remote PC (Part 1)

People often say “news travel fast”. How? The answer is one word Wireless. Wireless network all around the world helps us to move faster in our life. It enables us to make more of already running time. But, today, wireless connections to the internet have become necessisity. And it is now very much possible to take advantage of this necessisity.

Wifi : It is technology that allows electronic devices to connect to internet in a given area. WiFi has a lot of advantages. Wireless networks are easy to set up and inexpensive. They’re also unobtrusive — unless you’re on the lookout for a place to watch streaming movies on your tablet, you may not even notice when you’re in a hotspot.A wireless network uses radio waves, just like cell phones, televisions and radios do. In fact, communication across a wireless network is a lot like two-way radio communication. Here’s what happens:

  1. A computer’s wireless adapter translates data into a radio signal and transmits it using an antenna.
  2. A wireless router receives the signal and decodes it. The router sends the information to the Internet using a physical, wired Ethernet connection.

The process also works in reverse, with the router receiving information from the Internet, translating it into a radio signal and sending it to the computer’s wireless adapter.

When you connect your device to the wifi, your device will store all the information of wifi. And after taking over the control of Victim PC. You can know each and everything about their wifi router, including their password.

For WiFi Penetration Testing, Take a session through meterpreter and reach to the shell of your Remote PC. And run the following commands:

Our first command will allow us to see all the networks to which the remote PC has been ever connected till date.

netsh wlan show profiles

Our next command helps us to see the details and password of a particular router.

netsh wlan show profiles name=[profile name] key=clear

Here, profile name is wifi name.

The following image shows the detail of the router named “Yashika”

The next image shows us the password of the router named Yashika with the heading key content. We can see that password is 99********

Our next command allows us to delete a particular wifi connection.

netsh wlan delete profile name=[profile name]

Here, profile name is wifi name.

Next command allows us to set the priority of a wifi network.

netsh wlan set profileorder name=[profile name]interface=[interface_name] priority=1

Here, profile name is wifi name and interface name is network types such as WLAN, LAN.

Next command allows us to stops our remote PC to automatically connect to a network.

netsh wlan set profileparameter name=[profile name] connectionmode=manual

Here, profile name is wifi name.

Next command allows us to export all the details about a wlan network.

netsh wlan export profile name=[profile name]

Here, profile name is wifi name.

Next command helps us to import any wlan file to a particular wifi network.

netsh wlan add profile filename=[path_and_filename.xml] interface=[interface_name]

Author: Yashika Dhir is a passionate Researcher and Technical Writer at Hacking Articles. She is a hacking enthusiast.

Proxy Server Lab Setup using Wingate (Part 1)

Albert Einstein always said “Imagination is important than knowledge” and this imagination accompanied by knowledge helps our world to more and more every day. Thus, technology grows and grows and succeeds to reduce human effort and increase our potential. And there is much software that helps us to do so.

One of that software is Wingate. This software helps us to monitor internet activities of our employees or students or anyone as this software helps us to setup a proxy server which further allows all the traffic from a network passes through it to reach the router as per their request. We can say that this software helps us to share and control access to the Internet through a single computer connection. The computer with Wingate acts as a proxy server for the computer users inside the home or business network.

Proxy Sever : Proxy server is a server setup between router and your network. Once the proxy server is setup, it will help you differentiate between internal network(i.e your organisation network) and external network(i.e router). That means all the traffic from client’s application(i.e web browser) will go through this proxy server and you will be able to monitor everything they do on internet and also you will be able to permit who accesses internet or who does not. So, let us learn how to seup a proxy server

WinGate is software that acts as gateway which allows us to setup proxy server and helps us to share and control access to the Internet through a single computer connection.The computer with Wingate acts as a proxy server for the computer users inside the home or business network.

For WinGate to work on a computer we will need two LAN cards. Both of these LAN cards will act as routers. One of them will be our external network(i.e router) and other will be our internal network(i.e proxy server).

To install WinGate, download it from

http://download.cnet.com/WinGate/3000-2085_4-10003112.html. Once you have downloaded it,

Open it and the folowing screen will appear on your computer. Click on Next option on the dailogue box.

After clicking on next option, it will ask you the Program Features that you would like to install. Select all the three options and then again click on Next button.

Now it will ask you to enter an Administrative E-mail on which you want all of your alerts. Enter you r E-mail address. And then click on Next option.

Now a dialogue box will open as shown below. Select localhost option from it.

Now a Licience Activation Dailogue Box will open and it will ask whether your connection is offline or online. Select online on it and click on Next.

It will further ask you if you have bought WinGate or if you have it on trail bases. Select the appropriate option such as select activate a purchased lenience if you have bought it or else select activate a free full-featured 30 day trail.

Then your activation request will be processed. It may take a minute or two.

After the activation process click on Next and it will ask you to provide a database for Wingate. For it, simply click on Next.

Now, select the Wingate user database engine as you database and click on Next

To complete WinGate installation just click on Finish

After installing it will ask you computer to restart. Once the computer is restarted you wil find WinGate in the hidden icons on the Task bar.

Now right click on WinGate icon and select WinGate Management. After doing so, WinGate management window will open. And then click on localhost.

After clicking on localhost, it will ask you weather you want to work with current windows or want to use another user.

Now click on use another user and it will ask you for username and password.

(I have given administrator as username and i have kept password blank)

Once you have given username and password click on OK. And so, the welcone panel of WinGate will open

You can now start working with Wingate.

For to learn how to setup a proxy server using Wingate, do wait for part-2.

Author: Yashika Dhir is a passionate Researcher and Technical Writer at Hacking Articles. She is a hacking enthusiast.

Related Posts Plugin for WordPress, Blogger...