Mininet (lightweight software-defined network and test Platform) v (ARP Attack and defense)

Source: Internet
Author: User

Mininet-5

Continuation of the previous experiment (MININET-4), this experiment to simulate ARP attacks and how to prevent ARP attacks

Role

H1 for the user, constantly to communicate with H2
H4 as an attacker, attempting to eavesdrop on information H1 and H2 communication

Required Mounting Kit
sudo apt-get install zlib1g zlib1g-devsudo apt-get install build-essentialsudo apt-get install ettercap

Attention!!! If there is an error in the above installation mode, execute the following line directly:

sudo apt-get install ettercap-graphical
#!/usr/bin/env pythonfrom mininet.cli Import clifrom mininet.net import mininetfrom mininet.link import Link,TCLinkif ' __ main__ ' = = __name__: Net = mininet (link=tclink) h1 = Net.addhost (' H1 ', ip= "192.168.10.1/24", mac= "00:00:00:00:00:01") H2 = Net.addhost (' H2 ', ip= "192.168.10.2/24", mac= "00:00:00:00:00:02") h3 = Net.addhost (' h3 ', ip= "192.168.20.1/24", mac= " 00:00:00:00:00:03 ") h4 = Net.addhost (' h4 ', ip=" 192.168.10.3/24 ", mac=" 00:00:00:00:00:04 ") R0 = Net.addhost (' r0 ') S0 = Net . Addhost (' S0 ') Net.addlink (H1, S0) Net.addlink (H2, S0) Net.addlink (S0, R0) Net.addlink (R0, H3) Net.addlink (S0, H4) Net.bu ILD () R0.cmd ("Echo 1 >/proc/sys/net/ipv4/ip_forward") r0.cmd (' ifconfig r0-eth0 192.168.10.254 netmask 255.255.255.0 ') r0.cmd (' ifconfig r0-eth1 192.168.20.254 netmask 255.255.255.0 ') h1.cmd ("IP route add default via 192.168.10.254 Dev h1- Eth0 ") h2.cmd (" IP rotue add default via 192.168.10.254 dev H2-eth0 ") h3.cmd (" IP route add default via 192.168.20.254 Dev H 3-eth0 ") h4.cmd (" IP route add defauLt via 192.168.10.254 Dev H4-eth0 ") s0.cmd (" Brctl addbr br0 ") s0.cmd (" Brctl addif br0 s0-eth0 ") s0.cmd (" Brctl addif br0 S0 -eth1 ") s0.cmd (" Brctl addif br0 s0-eth2 ") s0.cmd (" Brctl addif br0 s0-eth3 ") #s0. cmd (" Brctl setageing br0 0 ")---> here to comment Drop S0.cmd ("Ifconfig br0 Up") CLI (NET) net.stop ()

First, we use xterm to open H1 H4.


Before the attack, we can see that H4 currently has no way to eavesdrop on H1-->H2 's message.

At this time, another open a H4 terminal, and opened the Ettercap ettercap -G

Press theSniff

Select the network interface you want to listen to

Set 192.168.10.1 to TARGET1---> mean to deceive 192.168.10.1 I'm 192.168.10.2
Set 192.168.10.2 to TARGET2---> mean to deceive 192.168.10.2 I'm 192.168.10.1


Select ARP attack

Press OK

Just press OK in the instant, will find H1--->H2 message has been h4 monitoring!!!!

We can verify if it's ARP poisoning.主机名 arp -n


As you can see, although different IPs, but have the same MAC Address!!!

Attention!! So how do you prevent ARP attacks?
ANS: Set the static ARP

When we manually set up the ARP, H4 will not be able to continue to monitor!!

Mininet (lightweight software-defined network and test Platform) v (ARP Attack and defense)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.