Posts: 2
Threads: 0
Joined: Sep 2012
(10-06-2012, 07:01 PM)Backtrack Dragon Wrote: Mantap nih untuk jaga-jaga
Gambar benderanya bisa di ganti merah putih gak? atau logo IBT
#kabur
Xixixixi.....baru liat klo gbr benderanya italy...LOL
Ganti logo IBT keren kayanya, seperti yg di bilang atas ane..
TS, nais inpoh....
"It's nice to be important,
but it's more important to be nice."
Posts: 2
Threads: 0
Joined: Oct 2012
Pake APF juga keren tinggal install via apt-get
Posts: 16
Threads: 1
Joined: Feb 2013
(10-06-2012, 01:24 AM)iyan squid Wrote: Asslm,
ketemu lagi sama ane , facebooker galau
kali ini ane mw bagi2 bagi y belom tw aja, salah satu tool firewall yaitu gufw
apa itu gufw ?
Gufw adalah GUI dari ufw dimana ufw sendiri adalah The default firewall configuration tool for Ubuntu is ufw. Developed to easeiptables firewall configuration, ufw provides a user friendly way to create an IPv4 or IPv6 host-based firewall. By default UFW is disabled.
#maaf gk bisa artiin masih cetek bahasa inggris ane
sedangkan firewall :
Merupakan suatu cara/sistem/mekanisme yang diterapkan baik terhadap hardware , software ataupun sistem itu sendiri dengan tujuan untuk melindungi, baik dengan menyaring, membatasi atau bahkan menolak suatu atau semua hubungan/kegiatan suatu segmen pada jaringan pribadi dengan jaringan luar yang bukan merupakan ruang lingkupnya. Segmen tersebut dapat merupakan sebuah workstation, server, router, atau local area network (LAN).
langsung saja cara menginstall gufw di ubuntu/backtrack
Code: root@IBTeam |Aceh:~# apt-get install gufw
terus kalo udah tinggal buka aja gufw di menu>>system>>prefference>>administration>>Firewall configurations
untuk mengaktifkan Gufw tinggal klik enable terus tekan tombol add di sudut kanan bawah
kemudian add rule
contoh disini saya berikan akses
|| deny || in || service || ftp ||
keterangan gufw akan men deny , jaringan in (masuk) pada service ftp atau port 21
berikut penampakan setingan gufw di lapi ane
berikut ss iptables dari console ane
Code: root@IBTeam |Aceh:~# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ufw-before-logging-input all -- anywhere anywhere
ufw-before-input all -- anywhere anywhere
ufw-after-input all -- anywhere anywhere
ufw-after-logging-input all -- anywhere anywhere
ufw-reject-input all -- anywhere anywhere
ufw-track-input all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ufw-before-logging-forward all -- anywhere anywhere
ufw-before-forward all -- anywhere anywhere
ufw-after-forward all -- anywhere anywhere
ufw-after-logging-forward all -- anywhere anywhere
ufw-reject-forward all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ufw-before-logging-output all -- anywhere anywhere
ufw-before-output all -- anywhere anywhere
ufw-after-output all -- anywhere anywhere
ufw-after-logging-output all -- anywhere anywhere
ufw-reject-output all -- anywhere anywhere
ufw-track-output all -- anywhere anywhere
Chain ufw-after-forward (1 references)
target prot opt source destination
Chain ufw-after-input (1 references)
target prot opt source destination
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm
ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn
ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc
ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
Chain ufw-after-logging-forward (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW BLOCK] '
Chain ufw-after-logging-input (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW BLOCK] '
Chain ufw-after-logging-output (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW ALLOW] '
Chain ufw-after-output (1 references)
target prot opt source destination
Chain ufw-before-forward (1 references)
target prot opt source destination
ufw-user-forward all -- anywhere anywhere
Chain ufw-before-input (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ufw-logging-deny all -- anywhere anywhere state INVALID
DROP all -- anywhere anywhere state INVALID
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp source-quench
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
ufw-not-local all -- anywhere anywhere
ACCEPT all -- base-address.mcast.net/4 anywhere
ACCEPT all -- anywhere base-address.mcast.net/4
ufw-user-input all -- anywhere anywhere
Chain ufw-before-logging-forward (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW AUDIT] '
Chain ufw-before-logging-input (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW AUDIT] '
Chain ufw-before-logging-output (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW AUDIT] '
Chain ufw-before-output (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ufw-user-output all -- anywhere anywhere
Chain ufw-logging-allow (0 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW ALLOW] '
Chain ufw-logging-deny (2 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW BLOCK] '
Chain ufw-not-local (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL
RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10
DROP all -- anywhere anywhere
Chain ufw-reject-forward (1 references)
target prot opt source destination
Chain ufw-reject-input (1 references)
target prot opt source destination
Chain ufw-reject-output (1 references)
target prot opt source destination
Chain ufw-skip-to-policy-forward (0 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain ufw-skip-to-policy-input (7 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain ufw-skip-to-policy-output (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain ufw-track-input (1 references)
target prot opt source destination
Chain ufw-track-output (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state NEW
ACCEPT udp -- anywhere anywhere state NEW
Chain ufw-user-forward (1 references)
target prot opt source destination
Chain ufw-user-input (1 references)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:ftp
DROP tcp -- anywhere anywhere tcp dpt:imap2
DROP udp -- anywhere anywhere udp dpt:imap2
DROP tcp -- anywhere anywhere tcp dpt:nfs
DROP udp -- anywhere anywhere udp dpt:nfs
DROP tcp -- anywhere anywhere tcp dpt:pop3
DROP udp -- anywhere anywhere udp dpt:pop3
DROP tcp -- anywhere anywhere multiport dports loc-srv,netbios-ssn,microsoft-ds
DROP udp -- anywhere anywhere multiport dports netbios-ns,netbios-dgm
DROP tcp -- anywhere anywhere tcp dpt:smtp
DROP tcp -- anywhere anywhere tcp dpt:ssh
DROP udp -- anywhere anywhere udp dpt:ssh
DROP tcp -- anywhere anywhere tcp dpt:5900
Chain ufw-user-limit (0 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix `[UFW LIMIT BLOCK] '
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain ufw-user-limit-accept (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain ufw-user-logging-forward (0 references)
target prot opt source destination
Chain ufw-user-logging-input (0 references)
target prot opt source destination
Chain ufw-user-logging-output (0 references)
target prot opt source destination
Chain ufw-user-output (1 references)
target prot opt source destination
[/quote]
silahkan dicoba suruh teman untuk melakukan serangan ke laptop anda, di laptop ane ini berhasil. bisa menangkal MITM. Meskipun tidak ada system yang aman, minimal ini salah satu cara bertahan.
::Bonus ^_^
tambahan dari ane menangkal mitm dari sysctl.conf
[code]root@IBTeam |Aceh:~# nano /etc/sysctl.conf
cari baris
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
kemudian rubah menjadi
# Do not accept ICMP redirects (prevent MITM attacks)
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
kemudian jalankan
Code: root@IBTeam |Aceh:~# sysctl -p
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
akhir kata sekian dan terima kasih, dikalau ada y salah, mohon koreksinya karena ane cuma manusia biasa y mencoba untuk berbagi, meskipun cuma sebaris kalimat
wasslm,
sumber
makasehh om iyan ...
nice tutornya , ane tunggu tutor" berikutnya ...
semangat \m/
Posts: 48
Threads: 2
Joined: Jul 2012
(10-06-2012, 01:24 AM)iyan squid Wrote: Asslm,
ketemu lagi sama ane , facebooker galau
kali ini ane mw bagi2 bagi y belom tw aja, salah satu tool firewall yaitu gufw
apa itu gufw ?
Gufw adalah GUI dari ufw dimana ufw sendiri adalah The default firewall configuration tool for Ubuntu is ufw. Developed to easeiptables firewall configuration, ufw provides a user friendly way to create an IPv4 or IPv6 host-based firewall. By default UFW is disabled.
#maaf gk bisa artiin masih cetek bahasa inggris ane
sedangkan firewall :
Merupakan suatu cara/sistem/mekanisme yang diterapkan baik terhadap hardware , software ataupun sistem itu sendiri dengan tujuan untuk melindungi, baik dengan menyaring, membatasi atau bahkan menolak suatu atau semua hubungan/kegiatan suatu segmen pada jaringan pribadi dengan jaringan luar yang bukan merupakan ruang lingkupnya. Segmen tersebut dapat merupakan sebuah workstation, server, router, atau local area network (LAN).
langsung saja cara menginstall gufw di ubuntu/backtrack
Code: root@IBTeam |Aceh:~# apt-get install gufw
terus kalo udah tinggal buka aja gufw di menu>>system>>prefference>>administration>>Firewall configurations
untuk mengaktifkan Gufw tinggal klik enable terus tekan tombol add di sudut kanan bawah
kemudian add rule
contoh disini saya berikan akses
|| deny || in || service || ftp ||
keterangan gufw akan men deny , jaringan in (masuk) pada service ftp atau port 21
berikut penampakan setingan gufw di lapi ane
berikut ss iptables dari console ane
Code: root@IBTeam |Aceh:~# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ufw-before-logging-input all -- anywhere anywhere
ufw-before-input all -- anywhere anywhere
ufw-after-input all -- anywhere anywhere
ufw-after-logging-input all -- anywhere anywhere
ufw-reject-input all -- anywhere anywhere
ufw-track-input all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ufw-before-logging-forward all -- anywhere anywhere
ufw-before-forward all -- anywhere anywhere
ufw-after-forward all -- anywhere anywhere
ufw-after-logging-forward all -- anywhere anywhere
ufw-reject-forward all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ufw-before-logging-output all -- anywhere anywhere
ufw-before-output all -- anywhere anywhere
ufw-after-output all -- anywhere anywhere
ufw-after-logging-output all -- anywhere anywhere
ufw-reject-output all -- anywhere anywhere
ufw-track-output all -- anywhere anywhere
Chain ufw-after-forward (1 references)
target prot opt source destination
Chain ufw-after-input (1 references)
target prot opt source destination
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-ns
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:netbios-dgm
ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:netbios-ssn
ufw-skip-to-policy-input tcp -- anywhere anywhere tcp dpt:microsoft-ds
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootps
ufw-skip-to-policy-input udp -- anywhere anywhere udp dpt:bootpc
ufw-skip-to-policy-input all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
Chain ufw-after-logging-forward (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW BLOCK] '
Chain ufw-after-logging-input (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW BLOCK] '
Chain ufw-after-logging-output (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW ALLOW] '
Chain ufw-after-output (1 references)
target prot opt source destination
Chain ufw-before-forward (1 references)
target prot opt source destination
ufw-user-forward all -- anywhere anywhere
Chain ufw-before-input (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ufw-logging-deny all -- anywhere anywhere state INVALID
DROP all -- anywhere anywhere state INVALID
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp source-quench
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
ufw-not-local all -- anywhere anywhere
ACCEPT all -- base-address.mcast.net/4 anywhere
ACCEPT all -- anywhere base-address.mcast.net/4
ufw-user-input all -- anywhere anywhere
Chain ufw-before-logging-forward (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW AUDIT] '
Chain ufw-before-logging-input (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW AUDIT] '
Chain ufw-before-logging-output (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW AUDIT] '
Chain ufw-before-output (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ufw-user-output all -- anywhere anywhere
Chain ufw-logging-allow (0 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW ALLOW] '
Chain ufw-logging-deny (2 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning prefix `[UFW BLOCK] '
Chain ufw-not-local (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL
RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10
DROP all -- anywhere anywhere
Chain ufw-reject-forward (1 references)
target prot opt source destination
Chain ufw-reject-input (1 references)
target prot opt source destination
Chain ufw-reject-output (1 references)
target prot opt source destination
Chain ufw-skip-to-policy-forward (0 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain ufw-skip-to-policy-input (7 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain ufw-skip-to-policy-output (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain ufw-track-input (1 references)
target prot opt source destination
Chain ufw-track-output (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state NEW
ACCEPT udp -- anywhere anywhere state NEW
Chain ufw-user-forward (1 references)
target prot opt source destination
Chain ufw-user-input (1 references)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp dpt:ftp
DROP tcp -- anywhere anywhere tcp dpt:imap2
DROP udp -- anywhere anywhere udp dpt:imap2
DROP tcp -- anywhere anywhere tcp dpt:nfs
DROP udp -- anywhere anywhere udp dpt:nfs
DROP tcp -- anywhere anywhere tcp dpt:pop3
DROP udp -- anywhere anywhere udp dpt:pop3
DROP tcp -- anywhere anywhere multiport dports loc-srv,netbios-ssn,microsoft-ds
DROP udp -- anywhere anywhere multiport dports netbios-ns,netbios-dgm
DROP tcp -- anywhere anywhere tcp dpt:smtp
DROP tcp -- anywhere anywhere tcp dpt:ssh
DROP udp -- anywhere anywhere udp dpt:ssh
DROP tcp -- anywhere anywhere tcp dpt:5900
Chain ufw-user-limit (0 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix `[UFW LIMIT BLOCK] '
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain ufw-user-limit-accept (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain ufw-user-logging-forward (0 references)
target prot opt source destination
Chain ufw-user-logging-input (0 references)
target prot opt source destination
Chain ufw-user-logging-output (0 references)
target prot opt source destination
Chain ufw-user-output (1 references)
target prot opt source destination
[/quote]
silahkan dicoba suruh teman untuk melakukan serangan ke laptop anda, di laptop ane ini berhasil. bisa menangkal MITM. Meskipun tidak ada system yang aman, minimal ini salah satu cara bertahan.
::Bonus ^_^
tambahan dari ane menangkal mitm dari sysctl.conf
[code]root@IBTeam |Aceh:~# nano /etc/sysctl.conf
cari baris
# Do not accept ICMP redirects (prevent MITM attacks)
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_redirects = 0
kemudian rubah menjadi
# Do not accept ICMP redirects (prevent MITM attacks)
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
kemudian jalankan
Code: root@IBTeam |Aceh:~# sysctl -p
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
akhir kata sekian dan terima kasih, dikalau ada y salah, mohon koreksinya karena ane cuma manusia biasa y mencoba untuk berbagi, meskipun cuma sebaris kalimat
wasslm,
sumber
mainan nya firewal
jadi atuuuuutttt :- :- :- :-
Posts: 450
Threads: 64
Joined: Jul 2012
Keren om, ane suka ini... itu.. :-. , gimana cara gunainnya entar ntu bbang, apakah, ada tambahan lagi.. :/ masih lum ngerti kali gunain firewall di linux, apalagi pakai gufw. (
(10-06-2012, 01:34 AM)iyan squid Wrote: (10-06-2012, 01:31 AM)m4k4ss4rh4ck3r Wrote: nice inpoh hacker aceh,,,,,memang keren
hadeuh jangan panggil ane hacker aceh, ane bukan hacker cuma facebooker galau y numpang buat tread
.: adi berisi makin merunduk...::. :-bd
<p>========= Cyberly================
Indonesian Backtrack Team Regional Aceh
" Walau diam tetap belajar"
GPComp</p>
(This post was last modified: 03-07-2013, 06:46 PM by cyberly.)
Posts: 2,063
Threads: 95
Joined: Jun 2011
ss Gufw nya g ada :p
main terminal ajalah :v pake ufw
ufw enable
ufw allow 22
Posts: 346
Threads: 34
Joined: Apr 2013
Mantap om facebooker galau is here, Moga disayang ibu
Calon manusia sukses tidak akan pernah mengeluh, tapi akan sibuk memperbaiki diri dari semua kesalahan yang pernah dibuatnya
My Facebook
My Twitter
|