Robert H. Osborne
  • Home
  • Contact Us
  • Links
    • The B.T.P.S Sec Pack
    • YouTube Channel
    • Certifications
    • HTB Writeups
    • HTB Profile
    • PS Gallery
  • Videos
    • BHack 2020 Presentation
    • Securing Windows 10
    • Securing LDAP over SSL
    • Securing WinRM over HTTPS
    • Securing RADIUS Wireless
    • Securing RADIUS Wired
    • Securing FTPS Windows
    • Securing RDP
    • Securing SMB
    • Securing DNS
    • Securing FTPS Linux
    • Securing SSH
    • Learning Vim
    • Learn Tmux
    • Learn Windows Terminal
    • Learn ConEmu
  • Blogs
    • Not Intutive PS Behavior
    • Searching Event Logs
    • Write PowerShell Cmdlets
  • Red Team Notes
    • Enumeration
    • Pivoting Proxies
    • File Transfer
    • PrivEsc
    • Credentials
    • Firewall
    • WiFi Password Cracking
    • SSDP Spoofing
    • Ettercap Spoofing
    • ARP and DNS Spoofing
    • PowerShell Tools
    • AppLocker Bypass
    • SUID Notes
    • PHP Wrappers
    • SQL Injections
    • Certificates
    • Chroot Jail
    • Services
    • Reverse Shells
    • TTY Shell
  • Privacy Policy
Robert H. Osborne
  • Home
  • Contact Us
  • Links
  • Videos
  • Blogs
  • Red Team Notes
  • Privacy Policy

FIREWALL COMMANDS

FIREWALL

Firewall Commands

Evade Windows Anti-Virus:

Shelter https://www.shellterproject.com/download/ can inject  shellcode into legit 32-Bit Executables and is likely to not get  detected.


=============

WINDOWS

=============

CMD:

  netsh advfirewall firewall show rule name=all

PS: 

  Get-NetFirewallRule

  Show-FirewallRule
 


Disable Firewall on Windows 7 via CMD:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurentControlSet\Control\Terminal Server"  /v fDenyTSConnections /t REG_DWORD /d 0 /f
 


Disable Firewall on Windows 7 via Powershell:

powershell.exe  -ExecutionPolicy Bypass -Command 'Set-ItemProperty -Path  "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name  "fDenyTSConnections" –Value'`
 


Add File Path to Exclude From Windows Defender
Set-MpPreference -ExclusionPath "C:\Windows\System32\spool\drivers\color"
 


Disable Windows Defender
Set-MpPreference -DisableRealtimeMonitoring $True



==============

LINUX

==============

IP TABLES:

List Rules;

  iptables -L -n


Delete Rule;

  iptables -D INPUT -m conntrack --ctstate INVALID -j DROP


Delete Rule By Line Number;

1.) Get Line Numbers

  iptables -L --line-numbers


2.) Delete the Line

  iptables -D INPUT 3


Delete All Input Rules;

  iptables -F INPUT


Delete All Rules;

  iptables -F


Allow All Traffic;

  iptables -P INPUT ACCEPT

  iptables -P FORWARD ACCEPT
 iptables -P OUTPUT ACCEPT


Add Rule;

  iptables -A chain firewall-rule
 



UFW:

List Rules;

  ufw status numbered


Delete Rules;

  ufw delete 4


Create Rules;

  ufw allow 2222


Disable;

  ufw reset




FIREWALLD:

Find Where Firewall Is Active

  firewall-cmd --get-active-zones

  firewall-cmd --get-services


Get Firewall Info

  firewall-cmd --zone=public --list-all


Open a Port

  firewall-cmd --permanent --zone=public --add-port=80/tcp


Remove Rule

  firewall-cmd --zone=public --remove-port=80/tcp


Confirm Removal

  firewall-cmd --zone=public --list-ports


Allow Service

  firewall-cmd --zone=public --add-service=ftp


Block In and Out Connections

  firewall-cmd --panic-on

  firewall-cmd --query-panic


Turn Block All Connections Off

  firewall-cmd --panic-off
 firewall-cmd --query-panic

Copyright © 2020 Robert H. Osborne - OsbornePro LLC.

  • Privacy Policy

Cookie Policy

If accepted the cookies on this site are used for my own interest in who is viewing the site. I will not profit off of this information in any way.

DeclineAccept & Close