As of May 5th 2021 the WireGuard Virtual Private Network (VPN) software is available as a package through pfSense’s Package Manager. This guide covers configuring a WireGuard “server” using the WireGuard package v0.1.5_3 on pfSense 21.05_2 and a WireGuard “client” on Android.
Continue Reading...The objective of this project was to replicate the functionality of Internet Protocol (IP) address block lists in pfBlockerNG on pfSense without the use of an additional plugin.
Continue Reading...Note: After publishing this article the WireGuard package was removed from FreeBSD and subsequently pfSense. An updated article which leverages the WireGuard package from the Package Manager, and which is configured slightly different, can be found at Configuring WireGuard Package on pfSense 21.05 and Android
Continue Reading...This entry covers installing OPNsense on a FreeBSD 12.1 Amazon Lightsail instance. A post on the OPNsense forums provided the foundation for using the opnsense-bootstrap.sh script and configuring OPNsense’s LAN interface to work with Lightsail. The main area of improvement in this post over the original is showing how OPNsense can be installed on FreeBSD 12 versus downgrading to FreeBSD 11.
In the first of (what I hope will be) multiple posts I am going to document my home environment. This post will involve setting up virtual local area networks (VLANs) and access control lists (ACLs) in pfSense 2.4.
Continue Reading...One task I have been working on automating is reviewing Microsoft SQL databases and the data that resides in them. Using a built-in Microsoft stored procedure and Microsoft utilities I implemented a process to execute SQL command(s) against multiple MSSQL databases and instances using native methods.
Continue Reading...I recently found myself creating a policy in Nessus manually in a way that should be automated. Periodically, a new Nessus profile needs to be created that has selected plugins disabled based on filter criteria. Since Nessus releases new plugins all the time, the enabled plugins need to be reevaluated when a new profile is built. Nessus v5 has an API for interfacing with it, but the process for making a new policy with disabled plugins is not clearly defined in the documentation.
Continue Reading...Originally I wanted to talk about, and work on, building a solution to upload data from a Windows workstation if the only tools available were native to Windows. After an evening of coding I realized I didn’t solve the issue I wanted to, but I did build a fun way to exfiltrate information from a Windows system if that workstation has .NET and PowerShell available.
Continue Reading...I know that I am late to the party, but I have been doing more web development in my free time and I have discovered Grunt! I was so happy to have a tool that would minify my code automatically. After learning about the different packages and setting up my Gruntfile.js I needed up update my Jenkins server to run my Grunt tasks as part of my build plan.
Continue Reading...When I was asked by SecDaemons to give a talk to the club about a security topic I was excited about the opportunity. The best way to learn something is by teaching it and I wanted to learn more about reversing .NET assemblies. I have created two write-ups for .NET challenges from CSAW which have helped me learn how to use some of the reversing tools. These challenges are easy in scope and a lot of fun.
Continue Reading...I finally decided that it was time to implement a guest wireless network at home so I could have some tighter control when people came to visit. My existing network setup consisted of an HP ProLiant server running the latest version of pfSense and an Asus RT-N16 running DD-WRT.
Continue Reading...