Adding exceptions

It is also important to add your own set of rules once you have access to the remote command shell.

For example, one can utilize the netsh Windows command-line utility to add a remote desktop through the firewall by entering the following:

netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes

Upon successful execution of the preceding command, attackers should be able to see the following screenshot:

A non-stealthy way would be to disable all the profiles by running netsh advfirewall set allprofiles state off, or netsh firewall set opmode disable in older versions of Windows.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
35.171.182.239