Firewall and DNS Filtering Penetration Tests using Parrot OS

Authors

Carranza, Aparicio

Bustamante, Miguel

Carranza, Harrison

DeCusatis, Casimer

Islam, Jennifer

Abstract

Cybersecurity threats targeting user privacy and DNS have become increasingly common, especially due to the increasing number of remote users driven by the COVID-19 pandemic. In this tutorial paper, we address configuration of a penetration testing environment for preventing information leakage that could compromise anonymous network services. We first construct and validate a test environment using the security edition of the Parrot operating system for GNU/Linux and Windows environments, and establish its resilience against various scans and attacks, including a SYN scan in stealth mode with spoofed source IP address, FTP bounce scan, web host vulnerability scans using Nikto, and denial of service (DoS) attacks using Metasploit. Experimental results are documented using Nmap and WireShark. We then use this environment to test DNS leakage and transparent DNS proxy effects. Mitigation for these attacks is demonstrated using the AnonSurf application bundled with Parrot OS.