How i can hack my pfsense ?
-
hello people,
I wonder how I can "hack" my pfSense, so I can be testing my security configurations!recently set up snort and a series of security policies in my pfSense, I would like to test!
Mostly resistance in ddos atack!
thanks
-
"hacking" as in security, not much you can do. DOS/DDOS testing, I'm not sure what tool are out there.
-
Change your username/password to admin / pfsense
Then pull up the pfsense console.
Type in:
pfctl -d
Wait.
Assuming you are connected to internet, shouldn't be a long wait (-;
-
Google for Kali Linux (or backtrack)
There's enough in that distro to keep you entertained for a while.
Expect a steep learning curve (make sure you understand what you are doing).Keep it ethical, use inside your own network only. As usual, YMMV ;)
-
I've used Nessus (http://www.tenable.com/products/nessus?gclid=CPn4z8L2r8MCFYkKwwodnzkAPw) for running outside security tests against some of my externally-facing systems. OppenVAS is a free (as in beer) fork of Nessus, which went closed source/proprietary some years ago, if money is an issue.
-
Mostly resistance in ddos atack!
Nothing is resistant to being completely overwhelmed. Even with pfSense dropping packets as fast as it can, a DDoS will blow you off the Internet if you don't have geographically-spread load-balancing protections in place, like CloudFlare. I've said this a million times: if mitigating a DDoS was just a matter of running a good firewall then DDoS wouldn't be a problem for anyone anymore.
-
My DDOS strategy is "Grin and bear it" and be quiet about it and ignore it till people get bored with it.
-
@KOM:
Mostly resistance in ddos atack!
Nothing is resistant to being completely overwhelmed. Even with pfSense dropping packets as fast as it can, a DDoS will blow you off the Internet if you don't have geographically-spread load-balancing protections in place, like CloudFlare. I've said this a million times: if mitigating a DDoS was just a matter of running a good firewall then DDoS wouldn't be a problem for anyone anymore.
I think the main goal is to make sure bandwidth is your only DDOS issue. Nothing worse than someone sending 100Kb/s of data and DDOS'n your system because of some asymmetrical attack.
-
thanks for the help guys!
I could understand! -
Did you try to Kali linux against your pfsense and if so what were the results ?
