Category: Uncategorized

How I set-up my JetKVM

Today I will be talking about JetKVM, an open-source KVM (Keyboard, Video, Mouse) that is used to “remotely” manage computers, servers, and workstations.

Though a fairly simple process, there will probably be multiple parts to this, since it would be a really long blog otherwise. That being said, let’s go to the first part: Connecting JetKVM.

The USB-C and mini HDMI adapter came with the box, as did an actual mini HDMI to HDMI cable, but it was too short so I used my own. The Ethernet cable is also my own. After connecting all the cables to JetKVM, you should see something like this on its screen.

Let’s go see if it worked by going onto a browser with a different computer, and putting in the IP address from the JetKVM screen onto the browser’s address bar. There should be a prompt asking you to set up the JetKVM. (First time only)

The overall setup looks like this, see the diagram below:

The picture below shows when using JetKVM to install IPFire firewall (this is from the console)

The next picture below shows when using jetkvm to control windows 11 laptop. (this laptop is used to test the firewall rules)

It is possible to control JetKVM over the internet if using OpenVPN remote connection from IPFire firewall.

Links:
https://jetkvm.com/

First test on IPFire firewall

Wanted to try out one of the Open Source firewalls, and for this test I selected IPFire. For other candidates see links.

I installed IPFire on a miniPC using JetKVM. The mini PC is from Ebay and has the following specs, to those interested to know:

Model: HP EliteDesk 800 G1
CPU: Intel(R) Core(TM) i5-4570S CPU
Memory: 8GB
Disk: 100GB
USB-NIC: TP-link UE300 (USB3 Gigabit Ethernet)

In IPFire the untrusted network (internet) is colored RED, and the trusted network (intranet) is GREEN. There two NIC (Network Interface Cards) are needed.

Some of the features I was testing:

Here are some screenshots:

Status -> Services

Network -> Captive Portal

Firewall -> IP Address Blocklist

Firewall -> Intrusion Prevention System

All-in-all quite many features in IPFire. To better master it would take a lot of time, but for the test purposes it was very interesting to try out and learn about. It didn’t seem too difficult to set-up for home networks.

I think I will be using the OpenVPN in the future to test different things.

Links:
https://www.ipfire.org/
https://en.wikipedia.org/wiki/List_of_router_and_firewall_distributions

Burp Suite and academy for learning

I have been dabbling a little bit with Burp Suite.
As usual, for those interested there will be links at the end.

Burp Suite is a web application testing tool, and there are two versions:
A community edition, which is free.
A professional edition, which has a subscription payment model.

I used Burp Suite’s community edition and I feel it is a good starting point for learning web application testing.

In the academy, there are many courses for learning different subjects. These courses are called “paths” and they are divided into different skill levels: Apprentice, Practitioner and Expert.
I started out at the Apprentice level path “Server-side vulnerabilities”. I really enjoyed that path, and I fully recommend it as a solid starting point for beginners like me!

Each path is further broken down into Labs, a hands-on exercise to help learn a concept that was taught previously with some basic theory.
I will be sharing some pictures that are related to two Labs that I had completed. The pictures show the setups of these Labs.

Lab: Basic SSRF against the local server

Lab: Basic SSRF against another back-end system

Trying out Burp Suite was definitely a good experience. So far i have not proceeded into other paths, having only completed “Server-side vulnerabilities”, but i might try to advance further if I have the time.

Links:
Download: https://portswigger.net/burp/communitydownload
Server-side vulnerabilities: https://portswigger.net/web-security/learning-paths/server-side-vulnerabilities-apprentice
Other paths: https://portswigger.net/web-security/learning-paths