Experience Attack Surface
Experience Attack Surface
Completed
10In progress
0Not started
0Estimate timeline for various goals
1. Create a Linux Virtual Machine with free cloud service credits (eg. Amazon EC2)
2. Once Linux VM is live with SSH service running, look at /var/log/syslog or /var/log/auth.log for ssh brute-force attempts
3. Setup alert mechanism (eg. pushbullet) for successful ssh shell-in
4. Create a 'admin' non-root user, use root to force a weak password.
5. Signup ZeroTier, learn how to create your private network.
6. Install ZeroTier on your Linux VM & join your private network.
7. Repeat earlier step with an end-(jump)-point that you want to SSH to your Linux VM.
8. Configure your VM sshd to listen ONLY to your ZeroTier private IP address. Repeat step 2, notice the difference.
Apply what you learn (for SSHd) to WordPress