1. Pop on over to he.net and create an account
2. Create a regular tunnel and you should be given a page of details like the following
   
3. Download the following script
   Open the script with your favorite text editor and set the variables at the top as required

   IFIN="re1"

   This is your LAN interface.

   IPv6Router="2001:470:1f09:3cd::1"
   IPv6Server="2001:470:1f08:3cd::1"
   IPv6Client="2001:470:1f08:3cd::2"

   IPv6 Router is the first address from your routed /64 range given on the he.net details panel
   IPv6 Server is simply your IPv6 server address given on the he.net details panel
   and IPv6 Client is also just your IPv6 client address given on the he.net details panel.

   IPv4Server="216.66.80.26"
   IPv4Client="88.151.87.116"

   IPv4 Server is simply the IPv4 server address given on the he.net details panel
   and IPv4 client is your WAN IP address.

4. We also need to create a configuration file for rtadvd copy and paste the following

   re1:\
      :addrs#1:addr="2001:470:1f09:3cd::":prefixlen#64:tc=ether:

   Where re1 is your LAN interface and where 2001:470:1f09:3cd:: is your /64 route. Save the following as rtadvd.conf

5. Using sftp upload rtadvd.conf to /etc and config-ipv6.sh to /usr/local/etc/rc.d on your pfsense box. Set the permissions for config-ipv6.sh as executable.
6. Reboot your pfsense box and the script should auto start and bring up your IPv6 tunnel

Bash Functions

A fork bomb is really just a bash function, below is an example of a bash function

helloworld() {
echo hello world
};

A fork bomb would be

:(){
 :|:&
};:

Now to explain.
:(){ - Creates the function
:|: - Next it call itself using recursion and pipes the output to another call of the function
& - Puts the function call in the background so child cannot die
}; - Terminate the function
: - Call (run) the function

If you would like a more human readable fork bomb it would be as follows

forkbomb(){
forkbomb | forkbomb &
}; forkbomb

Preventing Fork Bombs

We can prevent users from running fork bombs by limiting the amount of processes they are allowed to run.
We can achive this using /etc/security/limits.conf

To get started open /etc/security/limits.conf

nano /etc/security/limits.conf

In my example I want to limit the user john to 300 processes and any users in the group of students to 250 processes. For this I would put the following into my config file

john hard nproc 300
@students hard nproc 250

Please keep in mind that KDE and Gnome desktop system can lanuch many processes.

1. First we need to create the key

   ssh-keygen -t rsa

2. Then we need to move it over to the machine that we want to be able to login too without the need for a password to do this run the following command

   scp .ssh/id_rsa.pub OTHER-MACHINES-IP:.ssh/authorized_keys

3. You should now be able to ssh into that machine without needing a password

Adding the following to your IP tables will only allow 3 connections at once from any IP if it goes above 3 then that IP is locked out for 3minutes. At this stage the bot running the attack will either give up as its getting no reply from the SSH server or it will keep trying until it finishes its wordlist

iptables -I INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name DEFAULT --rsource

iptables -I INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 180 --hitcount 4 --name DEFAULT --rsource -j DROP