Mininet-5
Continuation of the previous experiment (MININET-4), this experiment to simulate ARP attacks and how to prevent ARP attacks
Role
H1 for the user, constantly to communicate with H2
H4 as an attacker, attempting to eavesdrop on information H1 and H2 communication
Required Mounting Kit
sudo apt-get install zlib1g zlib1g-devsudo apt-get install build-essentialsudo apt-get install ettercap
Attention!!! If there is an error in the above installation mode, execute the following line directly:
sudo apt-get install ettercap-graphical
#!/usr/bin/env pythonfrom mininet.cli Import clifrom mininet.net import mininetfrom mininet.link import Link,TCLinkif ' __ main__ ' = = __name__: Net = mininet (link=tclink) h1 = Net.addhost (' H1 ', ip= "192.168.10.1/24", mac= "00:00:00:00:00:01") H2 = Net.addhost (' H2 ', ip= "192.168.10.2/24", mac= "00:00:00:00:00:02") h3 = Net.addhost (' h3 ', ip= "192.168.20.1/24", mac= " 00:00:00:00:00:03 ") h4 = Net.addhost (' h4 ', ip=" 192.168.10.3/24 ", mac=" 00:00:00:00:00:04 ") R0 = Net.addhost (' r0 ') S0 = Net . Addhost (' S0 ') Net.addlink (H1, S0) Net.addlink (H2, S0) Net.addlink (S0, R0) Net.addlink (R0, H3) Net.addlink (S0, H4) Net.bu ILD () R0.cmd ("Echo 1 >/proc/sys/net/ipv4/ip_forward") r0.cmd (' ifconfig r0-eth0 192.168.10.254 netmask 255.255.255.0 ') r0.cmd (' ifconfig r0-eth1 192.168.20.254 netmask 255.255.255.0 ') h1.cmd ("IP route add default via 192.168.10.254 Dev h1- Eth0 ") h2.cmd (" IP rotue add default via 192.168.10.254 dev H2-eth0 ") h3.cmd (" IP route add default via 192.168.20.254 Dev H 3-eth0 ") h4.cmd (" IP route add defauLt via 192.168.10.254 Dev H4-eth0 ") s0.cmd (" Brctl addbr br0 ") s0.cmd (" Brctl addif br0 s0-eth0 ") s0.cmd (" Brctl addif br0 S0 -eth1 ") s0.cmd (" Brctl addif br0 s0-eth2 ") s0.cmd (" Brctl addif br0 s0-eth3 ") #s0. cmd (" Brctl setageing br0 0 ")---> here to comment Drop S0.cmd ("Ifconfig br0 Up") CLI (NET) net.stop ()
First, we use xterm to open H1 H4.
Before the attack, we can see that H4 currently has no way to eavesdrop on H1-->H2 's message.
At this time, another open a H4 terminal, and opened the Ettercap ettercap -G
Press theSniff
Select the network interface you want to listen to
Set 192.168.10.1 to TARGET1---> mean to deceive 192.168.10.1 I'm 192.168.10.2
Set 192.168.10.2 to TARGET2---> mean to deceive 192.168.10.2 I'm 192.168.10.1
Select ARP attack
Press OK
Just press OK in the instant, will find H1--->H2 message has been h4 monitoring!!!!
We can verify if it's ARP poisoning.主机名 arp -n
As you can see, although different IPs, but have the same MAC Address!!!
Attention!! So how do you prevent ARP attacks?
ANS: Set the static ARP
When we manually set up the ARP, H4 will not be able to continue to monitor!!
Mininet (lightweight software-defined network and test Platform) v (ARP Attack and defense)