Learn techniques for securing and protecting network devices from potential threats and attacks.
THM Room : https://tryhackme.com/room/networkdevicehardening
TASK 1 Introduction
I am ready to start the room.
No Answer.
TASK 2 Common Threat and Attack Vectors
The device that is used to control and manage network resource is called?
Answer : network devices
A threat vector that includes disruption of critical devices and services to make them unavailable to genuine users is called?
Answer : Denial of Service
TASK 3 Common Hardening Techniques
Suppose you are configuring a router; which of the following could be considered an insecure protocol:
A: HTTPS B: FTP C: SSH D: IPsec
FTP should not be configured if FTPS is possible, because it's insecure.
Answer : B
The protocol for sending log messages to a centralised server for storage and analysis is called?
“Syslog: A protocol to standardise the transfer of log messages, with the purpose of storing and analysing log messages to a central server.”
Answer : Syslog
TASK 4 Hardening Virtual Private Networks
Update the config file to use cipher AES-128-CBC. What is the flag value linked with the cipher directive?
Modify the server.conf as requested.
ubuntu@tryhackme:/etc/openvpn/server$ cat server.conf
local 10.0.1.1 # change this to your local machine IP
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512 #Flag value: THM{AUTH_UPDATED_123}
tls-crypt tc.key
tls-version-min 1.2
topology subnet
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
push "block-outside-dns"
keepalive 10 120
cipher AES-128-CBC #Flag value: THM{CIPHER_UPDATED_1101}
user nobody
group nogroup
persist-key
persist-tun
verb 3
crl-verify crl.pem
explicit-exit-notify
Answer : THM{CIPHER_UPDATED_1101}
Update the config file to use auth SHA512. What is the flag value linked with the auth directive?
Answer : THM{AUTH_UPDATED_123}
As per the config file, what is the port number for the OpenVPN server?
Answer : 1194
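An added example, not part of the original write-up or the room's material: a small Python check that a server.conf carries the cipher, auth and tls-version-min values shown in the config above. The EXPECTED table, the function names and both sample inputs are constructed for illustration.

```python
import shlex
# Values taken from the server.conf shown in this walkthrough; they mirror the
# room's task and are not a general-purpose baseline.
EXPECTED = {"cipher": "AES-128-CBC", "auth": "SHA512", "tls-version-min": "1.2"}
# Directives from the same config that only need to be present.
REQUIRED_PRESENT = ("tls-crypt", "crl-verify", "user", "group")

def parse_openvpn_conf(text):
    """Map each directive to its arguments; '#' and ';' start a comment."""
    conf = {}
    for line in text.splitlines():
        lex = shlex.shlex(line, posix=True)
        lex.whitespace_split = True
        lex.commenters = "#;"
        tokens = list(lex)
        if tokens:
            conf[tokens[0]] = tokens[1:]  # a repeated directive keeps its last value
    return conf

def audit(text):
    """Return a list of findings; an empty list means every check passed."""
    conf = parse_openvpn_conf(text)
    findings = []
    for name, want in EXPECTED.items():
        args = conf.get(name)
        if args is None:
            findings.append(f"{name}: missing (expected {want})")
        elif not args or args[0].upper() != want.upper():
            findings.append(f"{name}: found {' '.join(args)!r}, expected {want}")
    findings += [f"{name}: missing" for name in REQUIRED_PRESENT if name not in conf]
    return findings

# Constructed sample input (a trimmed version of the config above).
AFTER = """\
auth SHA512 #Flag value: THM{AUTH_UPDATED_123}
tls-crypt tc.key
tls-version-min 1.2
push "dhcp-option DNS 1.1.1.1"
cipher AES-128-CBC #Flag value: THM{CIPHER_UPDATED_1101}
user nobody
group nogroup
crl-verify crl.pem
"""
# Constructed "not yet edited" variant: cipher commented out, different auth digest.
BEFORE = AFTER.replace("cipher AES", ";cipher AES").replace("auth SHA512", "auth SHA256")

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        print(label, audit(text) or "OK")
```

A directive that is commented out with ';' or '#' is reported as missing, which is the case a plain text search for "cipher" would not catch.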
TASK 5 Hardening Routers, Switches & Firewalls
Update the password of the router to TryHackMe123.
Go to “system > administration” to reset the password.
No Answer.
What is the default SSH port configured for OpenWrt in the attached VM?
Go to “system > administration > SSH Access” to view SSH configuration.
Answer :
Go through the General Settings option under the System tab in the attached VM. The administrator has left a special message in the Notes section. What is the flag value?
Answer : THM{SYSTEM101}
What is the default system log buffer size value for the OpenWrt router in the attached VM?
Answer : 64
What is the start priority for the script uhttpd?
Answer : 50
TASK 6 Hardening Routers, Switches & Firewalls - More Techniques
What is the name of the rule that accepts ICMP traffic from source zone WAN and destination zone as this device?
Answer : allow-ping
What is the name of the rule that forwards data coming from WAN port 9001 to LAN port 9002?
Answer : THM_PORT
What is the version number for the available apk package?
Answer : 2.12.2-1
TASK 7 Important Tools for Network Monitoring
Are network monitoring tools capable of detecting bandwidth bottlenecks? (yea/nay)
Answer : YEA
TASK 8 Conclusion
I have completed the room.
No Answer.