Chapter 5. Network Service Attacks

To successfully penetrate a secured environment you must have a good understanding of what you are facing. The enumeration data gathered will assist in determining target prioritization. By the end of this chapter, you should be able to choose which targets are ideal candidates for your initial attacks. Certain attack types make more "noise" than others, thus a targeted attack will be less likely to be noticed. Thanks to the hard work of the open source community, we have a large selection of tools available to help us enumerate networks. In this chapter, we will discuss the following:

  • How to add an additional computer to our virtual lab
  • Advanced Nmap scanning techniques
  • Adding custom Nmap scripts to your arsenal
  • Saving time with SNMP
  • Base-lining your target networks with PBNJ
  • Avoiding enumeration attempts—confusing the enemy

    Tip

    Some examples in this chapter take advantage of firewalls and IDS logs to allow the reader to understand the impact certain scans and techniques have on the network. We will review the installation and configuration of both in later chapters.

Configuring and testing our lab clients

Let's start both of our virtual machines, then configure and test the network connectivity.

Kali – manual ifconfig

In Kali, open up a terminal and type the following:

# ifconfig eth1 192.168.50.10 netmask 255.255.255.0 broadcast 192.168.50.255 promisc

We set eth1, which is on our virtual lab segment, to the IP address 192.168.50.10, the network mask to 255.255.255.0, and the broadcast address to 192.168.50.255. As an added bonus, we also placed the device in promiscuous mode.

Ubuntu – manual ifconfig

Open up a terminal in Ubuntu_TestMachine_1 using the top menu bar and navigating through Applications | Accessories | Terminal. Type sudo ifconfig to check your current configuration. If everything is configured correctly, you should not have an IP address assigned to eth0. We will rectify that situation by repeating the steps used for our Kali machine. This time, we will use eth0 rather than eth1, and we will not place this network adapter in promiscuous mode.

# sudo ifconfig eth0 192.168.50.20 netmask 255.255.255.0 broadcast 192.168.50.255

Verifying connectivity

We will attempt to ping the machines to verify connectivity. On Kali, type the following:

# ping 192.168.50.20 -c 3

On the Ubuntu_TestMachine_1, type the following:

# ping 192.168.50.10 -c 3 

If everything is configured correctly, you should see something along the lines of the following screenshot:

[Screenshot: Verifying connectivity]

Maintaining IP settings after reboot

If you would like to have the network information statically assigned without having to manually enter this information each time, you can edit the /etc/network/interfaces file for the appropriate Ethernet device.

Tip

The following step may be completed for both virtual machines. Be sure to use the proper IP and adapter information for each machine.

Here is an example of what you would need to change in that file for the Kali guest machine:

auto eth1
iface eth1 inet static
address 192.168.50.10
netmask 255.255.255.0
network 192.168.50.0
broadcast 192.168.50.255

Be sure to restart the network service after modifying this file (/etc/init.d/networking restart).
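A mistyped network or broadcast line in this stanza is easy to miss, so the following added example (not from the book) recomputes both values from the address and netmask and reports any mismatch. The function names and the second, deliberately wrong stanza are constructed for illustration.

```shell
# Added example: check that the network and broadcast lines of a static
# /etc/network/interfaces stanza agree with its address and netmask.

# Dotted quad -> 32-bit integer (subshell body keeps the IFS change local).
ip_to_int() ( IFS=.; set -- $1; echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 )) )

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Print the value that follows keyword $2 in stanza text $1 (empty if absent).
field() { printf '%s\n' "$1" | awk -v k="$2" '$1 == k { print $2; exit }'; }

# Report a mismatch; an absent optional line ($2 empty) is not an error.
compare() {
    [ -z "$2" ] || [ "$2" = "$3" ] || { echo "$1 is $2, expected $3"; return 1; }
}

# Return 0 if the stanza is consistent, 1 on a mismatch, 2 if incomplete.
check_stanza() (
    a=$(field "$1" address); m=$(field "$1" netmask)
    if [ -z "$a" ] || [ -z "$m" ]; then echo "address and netmask are required"; exit 2; fi
    addr=$(ip_to_int "$a"); mask=$(ip_to_int "$m")
    net=$(( addr & mask ))
    bcast=$(( net | (~mask & 4294967295) ))
    rc=0
    compare network "$(field "$1" network)" "$(int_to_ip "$net")" || rc=1
    compare broadcast "$(field "$1" broadcast)" "$(int_to_ip "$bcast")" || rc=1
    exit "$rc"
)

# The Kali stanza from this chapter.
KALI_STANZA='auto eth1
iface eth1 inet static
address 192.168.50.10
netmask 255.255.255.0
network 192.168.50.0
broadcast 192.168.50.255'

# Constructed sample with a deliberate typo in the broadcast line.
BAD_STANZA='iface eth0 inet static
address 192.168.50.20
netmask 255.255.255.0
broadcast 192.168.51.255'

check_stanza "$KALI_STANZA" && echo "Kali stanza is consistent"
check_stanza "$BAD_STANZA" || echo "constructed stanza needs fixing"
```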

Ubuntu users can use uncomplicated firewall (ufw) to manage the host-based iptables firewall. The examples in this chapter that mention the use of a host-based firewall are taking advantage of this fact. More information about ufw can be found at https://help.ubuntu.com/lts/serverguide/firewall.html.

Tip

This firewall is easy to configure and very stable. ufw is disabled by default, but can be enabled by simply typing sudo ufw enable.
