Day 13

Intrusion detection: To the Pots, Through the Walls

Learning Objectives

  • Learn to understand incident analysis through the Diamond Model.

  • Identify defensive strategies that can be applied to the Diamond Model.

  • Learn to set up firewall rules and a honeypot as defensive strategies.

This is again a straightforward room with all the commands and instructions given.

Which security model is being used to analyse the breach and defence strategies?
[REDACTED]
This can be found in the introduction to the room.

Which defence capability is used to actively search for signs of malicious activity?
[REDACTED]
This can be found in the introduction to the room.

What are our main two infrastructure focuses? (Answer format: answer1 and answer2)
[REDACTED]
This can be found in the introduction to the room.

Which firewall command is used to block traffic?
[REDACTED]
This can be found in the introduction to the room.
vantwinkle@ip-10-10-80-118:~/pentbox/pentbox-1.8$ sudo ./pentbox.rb

 PenTBox 1.8 
             .__.
             (oo)____
             (__)    )--*
                ||--|| 

--------- Menu          ruby2.7.0 @ x86_64-linux-gnu

1- Cryptography tools
2- Network tools
3- Web
4- Ip grabber
5- Geolocation ip
6- Mass attack
7- License and contact
8- Exit

   -> 2

1- Net DoS Tester
2- TCP port scanner
3- Honeypot
4- Fuzzer
5- DNS and host gathering
6- MAC address geolocation (samy.pl)

0- Back

   -> 3
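PenTBox's honeypot option (menu 2, then 3) does one thing worth understanding: it listens on a port that no legitimate client should ever touch, hands out a fake banner, and logs whoever shows up. The listener below is an added example, written for this writeup and not part of the PenTBox project or the room, that reproduces that idea in Python so the logging behaviour can be inspected directly. The banner text, the `Honeypot` class and the `probe` helper (a constructed test client standing in for a scanner) are all assumptions of this example.

```python
"""Minimal TCP honeypot: accepts connections on a decoy port, sends a fake
service banner, records who connected and what they sent, then hangs up.
Detection is the point: every entry in `events` is unexpected by definition
and is a signal worth looking at. Added example, not PenTBox code."""
import socket
import threading
from datetime import datetime, timezone

# Constructed banner; a real deployment would mimic a service you do not run.
BANNER = b"220 decoy service ready\r\n"


def format_event(peer, data, now=None):
    """Build one log line for a connection attempt.

    peer: (ip, port) of the client; data: the first bytes it sent (may be empty).
    `now` is injectable so the format can be checked deterministically."""
    now = now or datetime.now(timezone.utc)
    preview = data[:32].decode("ascii", errors="replace")
    return (f"{now.isoformat(timespec='seconds')} honeypot: connection from "
            f"{peer[0]}:{peer[1]} bytes={len(data)} preview={preview!r}")


class Honeypot:
    """Single-threaded decoy listener; collects one log line per connection."""

    def __init__(self, host="127.0.0.1", port=0):
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((host, port))          # port 0 = let the OS pick
        self.sock.listen(5)
        self.sock.settimeout(0.5)             # lets the loop notice stop()
        self.port = self.sock.getsockname()[1]
        self.events = []
        self._stop = threading.Event()
        self._thread = threading.Thread(target=self._serve, daemon=True)

    def start(self):
        self._thread.start()

    def stop(self):
        self._stop.set()
        self._thread.join()
        self.sock.close()

    def _serve(self):
        while not self._stop.is_set():
            try:
                conn, peer = self.sock.accept()
            except socket.timeout:
                continue
            with conn:
                conn.settimeout(1.0)
                try:
                    conn.sendall(BANNER)      # look like a real service
                    data = conn.recv(1024)    # capture what the client sends
                except (socket.timeout, OSError):
                    data = b""
                self.events.append(format_event(peer, data))


def probe(port, payload=b"", host="127.0.0.1"):
    """Constructed client standing in for a scanner: send payload, return banner."""
    with socket.create_connection((host, port), timeout=2.0) as c:
        if payload:
            c.sendall(payload)
        return c.recv(1024)


if __name__ == "__main__":
    hp = Honeypot()
    hp.start()
    print("banner:", probe(hp.port, b"USER test\r\n"))
    hp.stop()
    for line in hp.events:
        print(line)
```

Running the block starts the decoy on an ephemeral loopback port, connects to it once with a constructed FTP-style command, and prints the single log line that results. The useful design choice is that the listener never does anything with the client other than record it, so the log stays a clean list of unexpected contacts rather than a mix of decoy noise and real traffic.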

Van Twinkle's Challenge

After learning about firewalls and honeypots, Van Twinkle puts his knowledge into practice and sets up a simple website to be hidden behind some firewall rules. You can deploy the firewall rules by executing the Van_Twinkle_rules.sh script within the /home/vantwinkle directory. Your task is to update the firewall rules to expose the website to the public and find a hidden flag.

There is a flag in one of the stories. Can you find it?
[REDACTED]

After restoring the firewall rules and allowing traffic through the required ports, we are able to access the website, where the flag can be found.
