Exercise Chapter 7 - Securing Kali Networking

Exercise 1, Chapter 07 - Securing Kali Networking
  1. Identify all open ports on your Kali instance.
  2. Configure your Kali firewall to allow inbound TCP connections on ports 22, 80, and 443 only.
  3. Verify other ports are blocked with a utility such as netcat.
  4. Make sure these rules persist after a reboot. Reboot to check!

Asciinema solution (copy and paste from video permitted):

The host's view of this exercise:

Exercise 2, Chapter 07 - Monitoring Kali Services
  1. Install logcheck on your Kali instance
  2. Try brute forcing your own SSH service, and see if log check picks up on this, and reports the attack.
  3. Create a cron’ed instance of logcheck, so that it runs once an hour, and creates a log file in /data/$(date-time).log

Exercise 3, Chapter 07 - Securing the Kali File System
  1. Install tripwire on your Kali machine. Monitor the /var/www/html/ folder for changes.
  2. If you did everything right, you'll get a lot of "File system errors". Are you hax0red? Either way, fix it.

Food for thought:
  • Here's a cool and interesting use of iptables. You can turn any computer with a wireless interface into a wireless access point with hostapd. This solution comes from here: