Foreword
- To finish the experiment feeling some knowledge of meter net has a lot of skilled
- Since the establishment of the experimental environment requires a virtual machine, Vmware virtual machine three network mode Detailed
reference to this, write very good https://www.cnblogs.com/linjiaxin/p/6476480.html - Experimental preferably turn off the firewall, linux operating off the firewall https://blog.csdn.net/qq_34989708/article/details/73603638
ready
Virtual machine is ready
In fact, look at each of these cases, it can also involve the following network configuration of each system, much the same (remember when the first time participate in the competition, even the networks are not equipped, really embarrassing)
1 Select a virtual machine, and then cloned several Taiwan, where select red hat
2 vim / etc / sysconfig / network -scripts / ifcfg-eth0 open entry and file deletion hwaddr UUID
echo '> /etc/udev/rules.d/70-persistent-net.rules' >> / etc / S' >> /etc/rc.local
then restart
3 cloned virtual machine 2 and 5
. 4 are each remaining virtual machine installed
Select the virtual machine
10.0.0.0 segment:
Kali 64 bit 10.0.0.9
Windows XP 10.0.0.20
Cloning 10.0.0.10 2
10.0.0.1 segments:
Kali 32 bit 10.0.1.8
clone 5 10.0.1.10
virtual router:
Red Hat 10.0.0.12 10.0.1.12
Network topology
LAN ready
1 Open the virtual adapter
2 Select Add network vmnet2 select the host mode only scratched the IP settings for dhcp service you want ip, because I have two network segments, this is set to 10.0.0.0. After VMnet3 added in the same network, the same, except 10.0.1.0 IP segment is set to
3 in FIG operation, select the network adapter, select Custom. Kali64, winxp, 2 clones selected vmnet2. Kali32, 5 clonal selection vmnet3.
Red hat this special, you need to add a network adapter, first select vmnet2 second choice vmnet3
Network Configuration
1,克隆2 、克隆5、red hat这几台虚拟机配置都相同,只是设置静态ip不同,只要把 static ip这一项改为对应的即可 以5为例
sudo setup进入网络配置界面
另外对于red hat 按以上方式添加完eth0后,需新建eth1
对于kali32和kali64 可以打开文件gedit /etc/network/interfaces 配置,将其中的address设置为自己的ip就可
对于winxp,可以如下配置
2,配置完后需要重启网络服务
Linux为 service network restart
Kali为/etc/init.d/networking restart
3,关闭防火墙
Linux为chkconfig iptables off(永久关)/etc/init.d/iptables stop(暂时关)
Klai 为ufw disable
4,配置虚拟路由(red hat)
vim /etc/sysctl.conf改为1
sysctl -p 修改生效
5,建立网段的连接
在10.0.0.0网段为:route add -net 10.0.1.0 netmask 255.255.255.0 gw 10.0.0.12
在10.0.0.1网段为:route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.1.12
检测
克隆2ping 克隆5 成功 ,ttl值发现减一,说明经过一个路由
克隆2ping kali64成功
相互ping都能成功
从2追踪路径
终于成功!!!!
实验部分
Icmp dos攻击
攻击机:kali64
被攻击:winxp
1运用python库scapy写一个不断发包脚本,源地址是被攻击主机的地址,目的地址是10.0.0.0网段下所有主机
from scapy.all import *
packet2=Ether(src='00:0c:29:78:B4:E9',dst='ff:ff:ff:ff:ff:ff')/IP(src='10.0.0.20',dst='10.0.0.0/24')/ICMP()
sendp(packet2,iface='eth0',loop=1)
2通过wireshark抓包可以发现,所有收到包的主机都会向被攻击主机发送回应包,因为实验环境中,只有这几台主机,其它地址都没有,所以有很多 no response found,并且攻击效果不明显
Arp dos攻击
攻击机:kali64
被攻击:winxp
运用工具:arpspoof
1不断向被攻击机发送假的arp回应包,包中ip为网关10.0.0.12,对应mac地址却为自己的Mac地址
2之后发现被攻击机已经无法联网,ping不通网关
3停止攻击后,恢复正常
