Cov ntaub ntawv Gophish
navigation
Yuav teeb tsa SMTP Email Server li cas rau Phish Test hauv 2022
Puas yog koj tab tom txiav txim siab teeb tsa koj tus kheej phish xeem phiaj xwm xyoo no?
Social Engineering tau loj hlob mus rau qhov kev hem thawj loj dua hauv 2022 thiab koj tab tom xav txog txoj hauv kev los daws nws.
Txawm li cas los xij, kev txo qis uas kev lag luam tau muab tso rau hauv qhov chaw tau ua qhov nyuaj dua li qhov qub.
Txhawm rau pib koj yuav xav tau ob peb yam.
Koj xav tau SMTP email server siv tau.
Qhov no tuaj yeem nyuaj vim tias feem ntau cov chaw muab kev pabcuam huab thaiv SMTP tsheb.
Koj tseem xav tau lub dashboard los taug qab, thiab txheeb xyuas koj qhov kev tshawb pom ntawm social engineering.
Qhov no yuav tso cai rau koj saib kev nce qib thiab qhia rov qab rau pawg thawj coj.
Kev teeb tsa no tuaj yeem siv sijhawm ntau lub lis piam ua haujlwm ntxiv rau kev sim, ntxiv txog ntau txhiab nyiaj hauv kev ua haujlwm.
Tias yog vim li cas peb thiaj li tsim cov lus qhia no los qhia koj tias koj tuaj yeem teeb tsa SMTP server ntawm hosting cov chaw muab kev pabcuam uas tsis thaiv SMTP.
Thaum kawg ntawm phau ntawv qhia no koj yuav paub yuav ua li cas teeb tsa thiab ruaj ntseg tus neeg rau zaub mov kom nws tuaj yeem xa cov lus.
Ntxiv rau koj yuav paub yuav ua li cas kom sov tus IP chaw tus neeg rau zaub mov siv kom cov lus xa tuaj.
Peb yuav siv lub cuab yeej hu ua Poste.io los pab hauv kev teeb tsa xa ntawv.
Peb tseem yuav qhia koj yuav ua li cas teeb tsa phishing dashboard uas koj tuaj yeem siv los taug qab thiab txheeb xyuas koj qhov kev tshawb pom.
Peb muaj lub dashboard leveraging GoPhish ntawm Amazon Web Services npaj los pib.
Koj tuaj yeem tig lub dashboard no rau thiab tawm raws li koj xav tau los tswj thiab txheeb xyuas koj cov phiaj xwm kev sim phish.
Yuav teeb tsa koj li SMTP Server li cas
Ua ntej tshaj plaws koj yuav tsum tau txais VPS los ntawm tus kws kho mob uas tso cai rau SMTP kev khiav tsheb.
Qhov ntawd txhais tau tias Contabo, Hetzner, LunaNode, BuyVM, lossis Scaleway.
Peb yuav siv Contabo hauv qhov piv txwv no.
- Tsim ib tus account ntawm Contabo nrog tsawg kawg 4GB ntawm RAM thiab 80 GB ntawm qhov chaw cia.
Nyem no qhib lub Contabo VM nrog cov kev xaiv ua ntej.
- Koj tuaj yeem xaiv lub sijhawm uas haum rau koj cov ntaub ntawv siv.
Peb pab neeg siv cov lus txhua hli tshwj tsis yog tias peb muaj daim ntawv cog lus siv ntev dua rau kev sim phish.
- Tom ntej no koj yuav xav xaiv ib cheeb tsam uas ze tshaj plaws rau lub koom haum koj yuav tau sim.
Hauv qhov no, kuv yuav siv US East hauv Contabo.
- VPS koj siv rau hosting koj SMTP server yuav tsum muaj tsawg kawg yog 4 GB ntawm RAM thiab tsawg kawg yog 80GB ntawm qhov chaw cia.
- Tom qab ntawd koj yuav xav xaiv Qhov Kev Ua Haujlwm, xaiv Ubuntu 20.04 kom ntseeg tau tias muaj kev sib raug zoo.
6. Xaiv tus password uas koj yuav siv rau kev nkag mus rau koj lub server ntawm SSH. Koj tuaj yeem tsim tus password muaj zog ntawm no: https://passwordsgenerator.net/
Nco ntsoov khaws qhov no hauv tus neeg saib xyuas tus password zoo li LastPass rau yav tom ntej siv.
- Nco ntsoov tias koj tau faib tsawg kawg ib qho chaw nyob IP pej xeem!
8. Koj tuaj yeem tawm ntawm qhov tsis raug rau Addons thiab Server Quantity hauv Contabo.
- Tom qab ntawd koj yuav tsum nkag mus lossis tsim ib tus account.
- Thaum koj nkag rau hauv, them tus nqi txhua hli rau qhov kev pabcuam.
- Tom qab koj them, koj yuav tau txais email lees paub thaum koj lub server raug teeb tsa.
- Tom ntej no peb yuav nkag mus rau hauv lub server thiab pib teeb tsa koj SMTP server siv Poste.io.
Koj yuav tsum tau siv lub npe siv (hauv paus) thiab lo lus zais uas koj tsim ua ntej nkag mus rau lub server ntawm SSH.
13. Koj tuaj yeem txuas nrog koj tus neeg siv SSH nyiam, xws li MobaXTerm los yog PuTTY.
Thaum koj tau nkag mus rau hauv lub server, koj yuav xav mus rau Poste.io thiab khiav cov kauj ruam hauv qab no:
- Nruab Docker Cav ntawm koj tus neeg rau zaub mov Ubuntu siv cov lus qhia nrog cov ntawv nrawm ntawm no:
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
- Koj tuaj yeem nruab Docker Engine siv cov lus txib hauv qab no yog tias tsab ntawv nrawm tsis ua haujlwm rau koj qhov kev faib tawm Ubuntu:
sudo apt-tau hloov tshiab
sudo apt-mus nruab \
ca-certificates \
curl \
gnupg \
lsb- tso
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg -dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
ncho \
"deb [arch=$(dpkg –print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) ruaj khov” | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-tau hloov tshiab
sudo apt-mus nruab docker-ce docker-ce-cli containerd.io docker-compose-plugin
- Xyuas kom tseeb tias Docker cav khiav nrog cov lus txib hauv qab no uas yuav tsum tso tawm Hello World thiab tom qab ntawd kaw lub thawv Docker:
sudo docker khiav nyob zoo-world
17. Rub tawm thiab khiav Dockerfile los ntawm Poste.io los ntawm https://poste.io/doc/getting-started siv cov lus txib hauv qab no.
$ docker khiav \
-net = host \
-e TZ=America/New_York \
-v /your-data-dir/data:/data \
-npe "mailserver" \
-h “mail.yourphishdomain.com” \
-t analogic/poste.io
Muaj qee qhov kev hloov kho uas koj yuav xav ua rau cov lus txib no:
- -e TZ =USA/New_York Teem lub sijhawm rau hnub tim kom raug
- -v /your-data-dir/data:/data Mounts cov ntaub ntawv directory los ntawm host system. Cov neeg siv database, emails, cav, txhua yam yuav xaus rau hauv phau ntawv no kom yooj yim thaub qab.
- -npe "mailserver" Khiav poste.io ua lub thawv nrog lub npe txhais
- -h “mail.yourphishdomain.com” Hostname rau koj tus phish xeem xa ntawv server
Poste.io yuav daws teeb tsa kev ntsuas kev ruaj ntseg tshiab, TLS, SPF, DKIM, thiab DMARC sawv cev rau koj.
- Siv lub cuab yeej IP Warming yam tsawg kawg 72 teev ua ntej tshaj tawm cov phiaj xwm phish.
Lemlist yog $29/mo, thiab WarmupInbox yog $9/mo, xa mus rau IP Warming SOP kom paub meej.
Thov xa mus rau peb phau ntawv qhia "Yuav Ua Li Cas Sov IP" rau kev txiav txim siab txog kev sov siab IP.
SOP: Yuav ua li cas sov IP rau tus email tshiab
- Taug qab IP lub koob npe nrov siv poste.io/dnsbl, mxtoolbox.com/blacklists.aspx lossis dnsbl.info.
20. Ntsuam xyuas cov neeg rau zaub mov thiab email templates siv mail-tester.com los txhim kho kev xa khoom.
Yuav Ua Li Cas Teeb Koj Phish Testing Dashboard
21. Tsim lossis nkag rau hauv koj tus account AWS
22. Mus saib GoPhish kev lag luam npe
23. Pib qhov kev sim pub dawb nrog rau cov npe hauv khw
24. Txais cov nqe lus thiab muab GoPhish server hauv koj tus account AWS. Yog tias koj tab tom tsim ib tus account tshiab, Amazon yuav txheeb xyuas koj tus as khauj thiab xa koj cov ntawv pov thawj los ntawm email.
25. Nkag mus rau hauv koj lub GoPhish dashboard siv koj tus username thiab instance ID.
26. Configure your sending Profile to use your new Poste.io SMTP server on Contabo.
SMTP Kev Sib Txuas Lus Qhia
- host: mail.yourphishdomain.com
- chaw nres nkoj: 465 (TLS xav tau), 587 hloov pauv (STARTTLS xav tau)
- yuav tsum tau authentication
- username yog tag nrho email chaw nyob username@example.com
- 27. Teeb tsa koj thawj Kev Sib Tw.
- 28. Xa koj qhov kev sib tw thawj zaug
Muaj lus nug? Koj tuaj yeem pom peb cov ntaub ntawv GoPhish ntawm no, lossis hu rau peb kom pab ntawm support@hailbytes.com
COV LUS UAS PHEEJ NUG HEEV
- host: mail.yourphishdomain.com
- chaw nres nkoj: 465 (TLS xav tau), 587 hloov pauv (STARTTLS xav tau)
- yuav tsum tau authentication
- username yog tag nrho email chaw nyob username@example.com
- 27. Teeb tsa koj thawj Kev Sib Tw.
- 28. Xa koj qhov kev sib tw thawj zaug
Muaj lus nug? Koj tuaj yeem pom peb cov ntaub ntawv GoPhish ntawm no, lossis hu rau peb kom pab ntawm support@hailbytes.com
