7MS #377: DIY Pentest Dropbox Tips
Today's episode is brought to you by ITProTV. It’s never too late to start a new career in IT or move up the ladder, and ITProTV has you covered - from CompTIA and Cisco to EC-Council and VMWare. Get over 65 hours of IT training for free by visiting https://itpro.tv/7minute.
In today's episode I cover some of the nasty "gotchas" I've run into when sending my pentest dropboxes around the country. Curious on how to setup your own portable pentest dropboxes (and/or pentest lab environments)? Check out part 1 and part 2 of the DIY Pentest Lab video series.
Here are some of the pain points I cover today:
-
Turn the firewall off
Set Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Windows Firewall: Protect all network connections to Disabled. Do the same for the Standard Profile by changing Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Standard Profile > Windows Firewall: Protect all network connections to Disabled. -
Disable Windows Defender
Navigate to Computer Configuration > Administrative Templates > Windows Components > Windows Defender and choose Turn Off Windows Defender. -
Disable power sleep settings
To stop computers from snoozing on the job, head to Computer Configuration > Policies > Administrative Templates > System > Power Management > Sleep Settings and set Allow standby states (S1-S3) when sleeping (plugged in) to Disabled -
Create a second disk on the Windows management VM and install BitLocker to Go
-
Snooze windows updates (for a reasonable amount of time) during a pentest so the box doesn't auto-reboot
-
Set a static DNS entry of something popular/public like
1.1.1.1
or4.2.2.2
or8.8.8.8
to ensure your dropbox can reach the Internet once connected.
Oh and if you wanna see the "Yeah!" mom I talked about in today's episode, head [here]!(https://twitter.com/bkkirby/status/1160469222297702400)