ezra-buckingham / terry-the-terraformer

A CLI for deploying red team infrastructure across multiple cloud providers, all integrated with a virtual Nebula network, and full ELK integration
https://github.com/ezra-buckingham/terry-the-terraformer/wiki
MIT License
110 stars 15 forks

Firewall rules #8

Closed (leebaird closed 1 year ago)

leebaird commented 2 years ago

If Nebula is not being used, suggest the following:

  1. Configure /var/www/html/.htaccess on each redirector and set the first proxy rule with the IP address of the C2 server.
  2. Configure the C2 server firewall to allow port 443 from each redirector.

ezra-buckingham commented 2 years ago

After looking further, it is going to be very difficult to implement IP and port. Implementing the IP is easy, but there are some flaws with port, as I will need to have it taken in as a CLI param since the redirectors can map to any non-standard port to transfer C2 comms over Nebula / internet... still working on it though.

ezra-buckingham commented 1 year ago

I didn't use that branch, but changes have been pushed to address this; it now has a "blanket" approve for all firewall rules across the cluster. So all resources can freely communicate with each other over the internet (not great, but best I can do given ports may differ if you use containers).

leebaird commented 1 year ago

I thought you told me this only worked with Nebula.

ezra-buckingham commented 1 year ago

As it worked in the past, yes, but I was able to make it work as long as all of your resources are routable directly from the internet. Also, there’s no granular control of allowed ports in the solution I committed; it’s allow all from all resources in a build.
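
Added example, not part of the thread or of terry-the-terraformer's code: a sketch that contrasts the per-redirector allow rules suggested in the first comment with the all-to-all rules described in the last one, taking each redirector's port as an input. The `Resource` class, role labels, host names and addresses are assumptions constructed for illustration; the generated commands use `ufw` syntax and are meant to run on the destination host.

```python
from dataclasses import dataclass
from ipaddress import ip_address

@dataclass(frozen=True)
class Resource:
    name: str
    ip: str
    role: str            # "c2" or "redirector" (labels assumed for this sketch)
    c2_port: int = 443   # redirectors only: port they forward to on the C2 host

def ufw_commands(resources, granular=True):
    """Return {host name: [ufw commands to run on that host]}."""
    for r in resources:
        ip_address(r.ip)  # raises ValueError on a malformed address
        if not 1 <= r.c2_port <= 65535:
            raise ValueError(f"{r.name}: invalid port {r.c2_port}")
    plan = {r.name: [] for r in resources}
    for dst in resources:
        for src in resources:
            if src.ip == dst.ip:
                continue
            if not granular:
                # Blanket approach: any peer, any port, any protocol.
                plan[dst.name].append(f"ufw allow from {src.ip}")
            elif dst.role == "c2" and src.role == "redirector":
                # Least privilege: only redirector -> C2, on that redirector's port.
                plan[dst.name].append(
                    f"ufw allow proto tcp from {src.ip} to any port {src.c2_port}")
    return plan

# Constructed sample build; addresses come from documentation ranges.
BUILD = [
    Resource("c2-1", "198.51.100.5", "c2"),
    Resource("redir-1", "203.0.113.10", "redirector"),
    Resource("redir-2", "203.0.113.11", "redirector", c2_port=8443),
]

if __name__ == "__main__":
    for mode in (True, False):
        print("granular" if mode else "blanket")
        for host, cmds in ufw_commands(BUILD, granular=mode).items():
            for cmd in cmds:
                print(f"  [{host}] {cmd}")
```

With the constructed build, the granular plan opens two TCP ports on the C2 host only, while the blanket plan adds six any-port rules spread over all three hosts.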