​In my recent, demo-focused Windows Attack and Defense webinar, I attacked a Capture the Flag (CTF) challenge that I designed around the Windows-based Metasploitable 3 virtual machine. After the attack, I demonstrated how you can break the attack using the open source OSSEC’s active response rules to block the attacker’s IP at the sign of their first port scan. There are a number of other systems hardening measures we could use to block the attack.

By admin