A telecom network engineer is recommended to describe how to crack the CEN

There are two ways for ADSL to share the Internet. One is proxy and the other is address translation (NAT ).
It is a NAT method. In fact, the routing and NAT principles are still different. We will not discuss it here. Currently, ADSL cats generally have NAT
It is more economical and convenient to use its own functions to achieve Internet sharing. This article mainly discusses this method. Transfer
If you want to block more than one computer from accessing the internet, you must find that there are more than one machine behind the shared network. How does NAT work?
1. After NAT translation, the addresses of computers accessing the Internet over the Intranet are changed to 192.168.0.1, And the MAC address is also changed
I switched to the MAC address of ADSL. That is to say, in principle, packets that have been converted through NAT cannot be sent directly at the ADSL exit.
Several machines are surfing the Internet. How did we find it? After research, it is found that it uses a variety of methods to detect whether the user
Use the Internet sharing method to restrict the internet access. The following is a separate attack:
1. check whether there are different MAC addresses in the packets with the same IP address. If so, determine that the user shares the internet. Attack handling
The method is to change the MAC address of each machine to the same. The modification method is as follows:
First, obtain the MAC address of the Local Machine: the MAC address is the physical address that is fixed in the serial EEPROM on the NIC, usually with 48-bit length. To
The ingress switch implements packet switching and Transmission Based on the MAC source address and MAC destination address in a packet header.
(1) In Windows 98/Me, choose Start> RUN> enter winipcfg> enter.
(2) in Windows 2000/XP, click Start → run → Enter CMD → press ENTER → enter
"Ipconfig/all" → press Enter.
Or right-click the local connection icon, select the status, and click the support tab. The "details" here contains MAC and other
Important network parameters.
1. If your NIC Driver directly provides the clone MAC address function, such as the RTL8139 chip from RealTek, congratulations.
Click "Start> Settings> Control Panel", double-click "network and dial-up connections", right-click
Nic icon, and select "properties ". On the "General" tab, click the "configuration" button and click the "advanced" tab.
. In the "attribute" area, you should see a file called "Network Address" or "Locally Administered
Address, click it, and enter the MAC Address value you want to specify under the "value" on the right. 12 consecutive Input
Numbers or letters. Do not enter "-". After the system is restarted, the setting takes effect (Windows 98 and
Windows 2000/XP user operations are slightly different, please refer to the System Instructions)
2. If your NIC driver does not provide the clone MAC address function, here are some methods to find an appropriate
Yours
WIN98:
A. Right-click the "Network Neighbor" icon and select properties. In the displayed dialog box, double-click
Nic. A Nic Properties dialog box is displayed. In the advanced options, click the Network Address item under the property identifier,
Select the above one from the two single options on the right, and then enter the MAC address of the NIC you want to modify in the box. After you click OK, the system
You will be prompted to restart. After restarting, your NIC address will be modified !!
B. Click "Start> Run", type "winipcfg", select the NIC you want to modify, and record the MAC address value. Click"
Start → run ", enter" regedit "to run the Registry Editor (you must back up the registry before modifying the Registry)
Based on the tree structure of the Registry, locate
"HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Services \ Class \ Net", you will see similar
Sub-keys such as "0000", "0001", and "0002. Click the "0000" subkey and search for
The content of the "DriverDesc" key until you find the NIC registry information that is exactly the same as the target.
After the correct Nic is found, click "Edit> New> string" in the drop-down menu. The string name is
"Networkaddress", double-click the name of the new "networkaddress" string to enter a value.
Enter the new MAC address value you specified. The new MAC address should be a 12-digit number or letter with no "-", Class
It looks like "00C095ECB761.
There are two ways to activate a new MAC address:
If you are using a common built-in Nic, you must restart the computer to make the change take effect.
If you are using a PCMCIA card, follow these steps without restarting the operating system:
Winipcfg, select and release DHCP settings, and disable winipcfg. Open Control Panel or System Tray "PC Card
(PCMCIA) ", stop and bring up the PCMCIA Nic. Re-insert the PCMCIA Nic, open winipcfg, select and refresh DHCP
Run winipcfg to confirm that the modified MAC address has taken effect.
In WIN2000:
A. Right-click the network neighbor icon on the desktop and select Properties. Two icons are usually displayed in the network and dial-up connection windows.
, One is the new connection icon, and the other is my connection icon. If your machine has two NICs, there will be three
Icon. If you only have one network card, right-click my connection icon and select Properties. A connection is displayed.
Property Window. When there is a connection at the top of the graph port, use the ID: The NIC model on your machine is shown below. Next
There is a configuration button on the page. Click this button to enter the NIC Properties dialog box, which contains five properties pages.
Click the second advanced page. There are two items under the attribute identifier: Link Speed/Duplex Mode.
For speed, we need to change the following Network Address, click this item, under the value icon on the right of the dialog box, there are
Two single options, which do not exist by default, we only need to select the above single option, and then enter in the box on the right you want to change
The MAC address of the NIC. Click OK. Wait a while and the NIC address will be changed. You don't even need to disable the Nic!
You can also open the properties page of the NIC in the settings manager to modify the settings.
B .1. in "HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Class \ 4D36E972-E325-
11CE-BFC1-08002BE10318 \ 0000, 0001, 0002 "and other primary keys, because you may have installed more than one network
Card, so under this primary key, the primary key can have multiple primary keys similar to "0000, 0001". At this time, you can find
DriverDesc indicates the primary key that matches the description of the ENI to be modified, for example, "0000 ".
　　
2. In the primary key mentioned above, add a string named "NetworkAddress" and set its value to the MAC
Address, such as "001010101010 ".
　　
3. Add a primary key value of "NetworkAddress" to "NDI \ params" under the primary key, and add a name under the primary key
It is a string of "default" and the value is the MAC address to be set. It must be written consecutively, for example, "001010101010 ".
　　
[Note] In fact, this is only set to the "Initial Value" in the advanced attribute mentioned later. The actual MAC address is determined.
The "NetworkAddress" parameter mentioned in, and the value of the advanced attribute is
The value given by "NetworkAddress" is not given by "default.
　　
4. Add a string named "ParamDesc" under the primary key of "NetworkAddress". The function is to specify
Description of the "NetworkAddress" primary key. The value can be "MAC Address" (you can also set it as needed. This is only a description.
, Does not matter, this value will appear as a description when you directly modify the MAC address), so restart once
In the future, open the network neighbor attribute. Double-click the corresponding Nic and you will find an advanced setting under which there is a MAC Address (
It is the ParamDesc (^ 29041103a ^) option you set earlier. This is what you set in the Registry in step 2.
Add the new "NetworkAddress". You only need to modify the MAC address here.
　　
5. Close Registry Editor and restart. Your NIC address has been changed. Open the properties of the network neighbor and double-click the corresponding
Nic items will find an advanced configuration item for MAC Address. Used to directly modify the MAC address without restarting.
You can change the MAC address at any time.
In WinXP
Most NICs can change their MAC addresses by modifying the NIC attributes in the control panel. In Device Manager ",
Right-click the NIC icon to modify the MAC address and select the "properties/advanced" tab. In the "attribute" area, you can
Click a project named "Network Address" or another similar name under the "value" on the right.
, Enter the MAC address value to be specified. You must enter 12 hexadecimal numbers or letters consecutively. Do not enter "-".
In addition, software that can modify MAC can be run under XP/W2K. You can search for it online, so it is not detailed here.
Introduction
Linux
Use # ifconfig eth0 down to disable the NIC first, and then use ifconfig eth0 hw ether 1234567890ab,
In this way, the change is successful.
To change it permanently, add these three sentences in/etc/rc. d/rc. local (you can also add the following three lines in/etc/init. d/network.
)
Ifconfig eth0 down
Ifconfig eth0 hw ether 1234567890ab
Ifconfig eth0 up
If you want to restore the MAC Address of the Network card to its original state, you only need to set the single option on the right of the Network Address item to the following.
You can restart the instance after it is not displayed. In WIN2000, the selection does not exist. Of course, you do not need to restart it.
Ii. SNMP (Simple Network Management Protocol) is used to discover multi-host internet access. Some routers and ADSL cat built-in SNMP services
By scanning the software (ipscan, superscan...), we found that port 161 is open, and port 161 is SNMP (Simple Network
Is the number of hosts discovered through the SNMP protocol, and xscan is used to scan for vulnerabilities in cats?
The default password is displayed. you can log on to the management interface of the cat but cannot find a place to close the SNMP service. It seems to be a backdoor,
From this, we can basically determine the number of hosts found through the SNMP protocol. To further confirm, a management software using SNMP
Check the connection status of the ADSL cat through ActiveSNMP, as shown in Figure 2. You can clearly see that through the SNMP protocol
The number of hosts in the network.
Solution:
1. If the cat can disable the SNMP protocol, disable port 161 for SNMP.
If you share Internet access in the routing mode, you can go to the management interface and disable the SNMP option. If the management interface of the cat is irrelevant
Close SNMP option had to buy a router without SNMP service, such as TP-LINK TL-R400, put in adsl moden and
In the middle of the hub, for example, create a NAT service in the vro so that an address is entered into the ADSL cat.
Shared Internet access is solved. Disable the SNMP protocol in the vro.
2. modify the configuration file to convert the configuration into a file, use the binary editing tool to change the default password, and then load
In cats, this is just a way of thinking. I have never tried it.
3. Monitor the number of concurrent ports. If the number of concurrent ports exceeds the set number, it is determined to be shared.
This is an unpleasant setting. The "Network Vanguard" constantly scans the number of ports opened by users, which is more than the set value.
The disconnection is shared. Sometimes, when you press the F5 key several times, it is considered to be shared, and even a single user's Internet access is affected, this cannot be cracked.
(Unless you have hacked the network), the solution here is to pretend to be an innocent user to call the ISP's customer service.
If it doesn't work, change the ISP. The network will be normal in a moment.
4. "Network Vanguard" also used unknown methods to test shared information from the shared computer. The current solution is as follows:
All shared clients need to install the firewall and set the security level to the highest. Due to limited conditions, only a few anti-DDoS attacks have been tried.
Fire wall, found Kingsoft network valve V (http://www.gz-pet.com/Soft_Show.asp? SoftID = 10) useful for configuring IP address rules
All rules in allow others to access the local machine are not allowed. PING the local machine is allowed to prevent ICMP attacks, and IGMP attacks should also be checked.
. If it is WINXP, open the network firewall of the NIC.
After the above method is used, the local machine cannot be seen on the local LAN, and after WINXP opens the network firewall of the NIC,
Files cannot be transmitted on QQ, and the network speed slows down, but they can be shared again. If you have a good solution, please let us know.
In general, "Network Vanguard" is still an immature product, mainly because it also has an impact on single-user Internet access.
Pages are often refreshed several times. Some webpages are complex. When you call several server files, they are also shared, resulting in webpages.
Some cannot be displayed. Moreover, the "Network Vanguard" keeps scanning the bandwidth occupied by user ports, leading to slow speed.