FIREWALL

FIREWALL


Evade Windows Anti-Virus:

Shelter https://www.shellterproject.com/download/ can inject  shellcode into legit 32-Bit Executables and is likely to not get  detected.



=============

WINDOWS

=============

CMD:

  netsh advfirewall firewall show rule name=all

PS: 

  Get-NetFirewallRule

  Show-FirewallRule
 


Disable Firewall on Windows 7 via CMD:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurentControlSet\Control\Terminal Server"  /v fDenyTSConnections /t REG_DWORD /d 0 /f
 


Disable Firewall on Windows 7 via Powershell:

powershell.exe  -ExecutionPolicy Bypass -Command 'Set-ItemProperty -Path  "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name  "fDenyTSConnections" –Value'`
 


Add File Path to Exclude From Windows Defender
Set-MpPreference -ExclusionPath "C:\Windows\System32\spool\drivers\color"
 


Disable Windows Defender
Set-MpPreference -DisableRealtimeMonitoring $True



==============

LINUX

==============

IP TABLES:

List Rules;

  iptables -L -n


Delete Rule;

  iptables -D INPUT -m conntrack --ctstate INVALID -j DROP


Delete Rule By Line Number;

1.) Get Line Numbers

  iptables -L --line-numbers


2.) Delete the Line

  iptables -D INPUT 3


Delete All Input Rules;

  iptables -F INPUT


Delete All Rules;

  iptables -F


Allow All Traffic;

  iptables -P INPUT ACCEPT

  iptables -P FORWARD ACCEPT
 iptables -P OUTPUT ACCEPT


Add Rule;

  iptables -A chain firewall-rule
 



UFW:

List Rules;

  ufw status numbered


Delete Rules;

  ufw delete 4


Create Rules;

  ufw allow 2222


Disable;

  ufw reset




FIREWALLD:

Find Where Firewall Is Active

  firewall-cmd --get-active-zones

  firewall-cmd --get-services


Get Firewall Info

  firewall-cmd --zone=public --list-all


Open a Port

  firewall-cmd --permanent --zone=public --add-port=80/tcp


Remove Rule

  firewall-cmd --zone=public --remove-port=80/tcp


Confirm Removal

  firewall-cmd --zone=public --list-ports


Allow Service

  firewall-cmd --zone=public --add-service=ftp


Block In and Out Connections

  firewall-cmd --panic-on

  firewall-cmd --query-panic


Turn Block All Connections Off

  firewall-cmd --panic-off
 firewall-cmd --query-panic