Results 1 to 10 of 10

Thread: Stepping into networking Share/Save - My123World.Com!

  1. #1

    Stepping into networking

    Networks and networking might have fascinated you, coz of it you are able to read my post!

    Networking is a vast field. And to begin with, your self study is must along with certifications. To start of, people usually go with CompTIA N+, then move on to Cisco CCNA and further. To step in O'Reilly's TCP/IP Network Administration is a good book (you can google for it). It a good guide to catch and learn networking. Next when moving to routing and switching, Cisco packet tracer is a good choice to do virtual practicals and configure networks at your own.



    Further, you can move onto GNS3 simulator, try hands on a better environment. I am just about to begin my journey stoppage with GNS3! So networking will be a good journey and I hope to learn lots of new things. I hope many of you must be experienced and would like to do experimentation as I do a lot of times on networks, routers. Hoping for further inputs.

    Regards
    The three great essentials to achieve anything worth while are: Hard work, Stick-to-itiveness, and Common sense. - Thomas A. Edison
    __________________________________________________ _____________________

  2. #2
    Security Researcher
    Join Date
    May 2011
    Location
    Pune, Maharashtra, India
    Posts
    237
    Blog Entries
    1
    hey i have been asking this to many people. can you post a guide on how to configure virtualbox machines as clients inside gns3.

    actually i wanted to use a simple network 1-2 switch, 1 router, coupled with a victim machine and a BT machine.

    hope you are getting an idea.

    BT could be used to attack and demonstrate attack for both victim machine and switch or router with obsolute firmwares.
    Website :
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

    Blog :
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

  3. #3
    Ok bro. I have just started gns3. It will take some time to get familiar. But I will try making this scenario for sure
    The three great essentials to achieve anything worth while are: Hard work, Stick-to-itiveness, and Common sense. - Thomas A. Edison
    __________________________________________________ _____________________

  4. #4

    :)

    Wow..now thats my type of question

    Its easy sir, you can go either the hard way, the not so hard way..or the easy way.

    The hard way (its not so hard..but a comparison for difficulty wrt the other method) includes installing microsoft loopback adapter , integrating it into a cloud module into GNS3 and natting it, then connect it to a simple cisco router (if you want to be easy on ssystem resources , since emulation chomps up a lot of memory then choose an ios with less memory requirements and then messing with ideal values till you spot the right one, and lastly using cpu/per process manipulation (note : manipulation not monitoring..cpulimit anyone ? ) to control cpu usage to get the max juice out of system)) . then the basic config begins,the simplest i can think of is this.

    Code:
    !
    !
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname Router
    !
    boot-start-marker
    boot-end-marker
    !
    !
    no aaa new-model
    memory-size iomem 5
    !
    !
    ip cef
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface Ethernet0/0
    ip address 192.168.1.0 255.255.255.0
    half-duplex
    !
    interface Ethernet0/1
    no ip address
    shutdown
    half-duplex
    !
    interface Ethernet0/2
    no ip address
    shutdown
    half-duplex
    !
    interface Ethernet0/3
    no ip address
    shutdown
    half-duplex
    !
    !
    ip http server
    ip forward-protocol nd
    ip route 0.0.0.0 255.255.255.0 192.168.137.1
    !
    !
    !
    !
    !
    !
    control-plane
    !
    !
    !
    !
    !
    !
    !
    !
    !
    line con 0
    line aux 0
    line vty 0
    password rdx
    login
    line vty 1 4
    login
    !
    !
    end

    once done, your loopback adapter will be fully activated , setup your virtual box machine with backtrack/linux/any other OS and bridge the lan adapter of virtual box with loopback adapter you created, give it an ip of the same subnet you assigned to gateway (i highly recommend including a third party hardway to create an internet sharing interface for maximum fun..like your android phone acting as a wireless router).., add static routes and add routes according to your configuration in the machine (for host machine )

    Code:
    route ADD a.b.c.d MASK xxx.yyy.zzz.mmm  k.l.m.n METRIC 3 IF 2
    where a.b.c.d are ip address you want to reach and xxx.yyy.zzz.mmm is the mask and k.l.m.n is the next hop . And I do hope I dont need to elaborate that how to add routes in Linux (in windows..its a bit arcane as most users i encounter dont know they can be added..but Linux is a different behemoth.) .. neverthless..you can setup a default route to virtual adapter gateway (and make sure you know your iptables if you have messed with some already)

    Code:
    route add default gw a.b.c.d  eth0

    Check if everything is pinging.

    Congrats ) you have successfully linked all the machines..now go play. I actually messed with metasploit/sivus/sipscan on my vbox to test voip pentest in a simulated environment using this method as it was much closer to a real world scenario.



    the second method deals with bundled Qemu hosts..but I think I can cover a full blown tutorial to do the job (the only problem is time :| ), the easiest way in the mean time is to download Technoglov's GNS3 mod (0.8.1 ) with unofficial vitual box support which will save you from the major headache of configuring everything manually..except the router.
    Last edited by rishabhd; 11-16-2011 at 11:54 PM. Reason: make it a bit aesthetic :)
    Hear my rants at
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    .

  5. #5
    There..I actually made a simulation of an ISP and a real world user. There are 2 systems (linux Tiny core and Windows XP) and 1 server (Linux DSL configured as webserver) connected to an MPLS cloud (vrf Rishabh) which handles 3 locations, the windows user is located in remote location say Delhi, the Linux user is at Pune and the linux server is at Bangalore (lets assume), the ISP is say Airtel it has provided the connectivity to the end links using third party ISP routers (lets say Spectranet which uses Maipu routers) . The data from remote flows from ISP cloud, and in case the main links are down, secondary server link is provided using VRRP through ISP, which again in case goes down (in case of an earthquake..2012 style ) then we have an onsite backup which uses 2 failover links configured over HSRP (any other ISP..Tulip ? =) )




    The best part is :

    1. One can capture packets using the capture command in central dynamips console,dump them.. forge them (<3 ostinato) , network packet fuzzers ahoy (codenomicon anyone ? :D )
    2. Metasploit .. nuff said :) (can be run on host machine and attacks can be done using the connected virtual adapter (think of the possibilities :)) ) .
    3. Digium asteriesk can be configured on Linux Server (one is enough) and then VOIP attacks can be studied using SiVus/SIPSCAN/sip_invite_spoof/invite forge/ostinato/<insert your share of ideas> here in a real simulated scenario :))

    Waiting for your inputs :)
    Last edited by rishabhd; 11-18-2011 at 01:08 PM. Reason: aesthetics purposes..sorry..not much of a forums guy :D
    Hear my rants at
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    .

  6. #6
    Garage Addict 41.w4r10r's Avatar
    Join Date
    Jul 2010
    Location
    Pune
    Posts
    338
    Blog Entries
    3
    Access Violation at location 0x41414141
    OMG Knowledge Overflowing

    thats some awesome Networking stuff...

    rishabhd thanks for such elaborated post...

    keep them coming..

  7. #7
    rishabhd thats the wonderful scenario and that will help many users who require to practice also before u work on simulators go to this site

    The World's First Free Cisco Lab - Firewall.cx Cisco Networking, Security VPN, Routing & VoIP CCME Portal this is help to understand basic stuffs in network

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


    Hire a Hacker by the Night and Hire a Chief Security Officer (CSO) by the Day.

  8. #8
    Hey great post rishabd
    By the way on what config you running this ? and which version of GNS ? Are the routers with real Cisco OS image ?
    Cause last time more than a year ago I had tried such multiple routers with real cisco OS to simulate DNS vulnerability but it used to die on PC (P4-WinXp-512MB) where it was installed. More than 3-4 routers would crash GNS in that scenario.
    Orkut id: neo1981
    Blog: infosec-neo.blogspot.com
    Nothing is Impossible*


    *Conditions Apply

  9. #9
    Network Security Administrator Hackuin's Avatar
    Join Date
    Apr 2011
    Location
    10011001 10011001
    Posts
    104
    @neo:
    For comfortability, 4GB RAM is required for that scenario.
    2GB, May also work. Not sure. Didn't tried it.
    And, 512MB is too low for 2+ router/Cisco IOS images.
    "Free software" is a matter of liberty, not price. To understand the concept, you should think of "free" as in "free speech," not as in "free beer."
    "Microsoft is not the answer. Microsoft is the question. NO (or Linux) is the answer."
    "Ubuntu - Linux For Human Beings."

    Currently reading books:
    Integrating Forensic Investigation Methodology into eDiscovery -- by Colin Chisholm.
    Digital Forensics with Open Source Toolss -- by Cory Altheide && Harlan Carvey.

  10. #10
    Contrary to popular belief, GNS is *not* RAM intensive, take this example, 3640 running on 64 MB RAM base ios X 6 = ~384 MB ram, with 3 VMs taking approx 256 MB ram (XP 100 + 100 DSL + 48 Tinycore) , it all wraps into a sound memory package. GNS is cpu intensive, thats where cpulimit/bes (along with router process optimization) comes in, and did i tell you I ran it on my mini netbook ? (hp dm3210-au)
    Hear my rants at
    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    .

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •