【无标题】

！《^_^》！

于 2023-10-29 23:51:10 发布

阅读量96

点赞数

文章标签：网络 windows

本文链接：https://blog.csdn.net/weixin_75223986/article/details/134110240

版权

任务二 DHCP欺骗劫持与防御策略

一、任务目的

掌握DHCP的欺骗原理与DHCP监听配置

二、任务设施、设备

win10、华为ensp、VMware、win7

三、任务拓扑图

四、基本配置

R1:

[Huawei]int g0/0/0 [Huawei-GigabitEthernet0/0/0]ip add 192.168.1.1 24 [Huawei-GigabitEthernet0/0/0]int g0/0/1 [Huawei-GigabitEthernet0/0/1]ip add 192.168.2.1 24 [Huawei-GigabitEthernet0/0/1]q [Huawei]sy R1 [R1]rip 1 [R1-rip-1]version 2 [R1-rip-1]network 192.168.1.0 [R1-rip-1]network 192.168.2.0 [R1]ip route-static 0.0.0.0 0.0.0.0 182.168.2.2

R2: [R2]int g0/0/0 [R2-GigabitEthernet0/0/0]ip add 192.168.2.2 24 [R2-GigabitEthernet0/0/0]int s2/0/0 [R2-Serial2/0/0]ip add 202.116.64.1 24 [R2-Serial2/0/0]int g0/0/1 [R2-GigabitEthernet0/0/1]ip add 172.16.1.1 24 [R2]rip 1 [R2-rip-1]version 2 [R2-rip-1]network 192.168.2.0 [R2-rip-1]network 172.16.0.0 [R2-rip-1]q [R2]ip route-static 0.0.0.0 0.0.0.0 s2/0/0

R3: [Huawei]sy R3 [R3-GigabitEthernet0/0/0]ip add 203.203.100.1 24 [R3-Serial2/0/0]ip add 202.116.64.2 24 [R3-Serial2/0/0] [R3-Serial2/0/0]q

R2 easy-ip配置

[R2]acl 2000 [R2-acl-basic-2000]rule permit source 192.168.1.0 0.0.0.255 [R2-acl-basic-2000]rule permit source 192.168.2.0 0.0.0.255 [R2-acl-basic-2000]rule permit source 172.16.1.0 0.0.0.255 [R2]int s2/0/0 [R2-Serial2/0/0]nat outbound 2000 [R2-Serial2/0/0]q

R2配置DHCP服务，给技术部和工程部主机分配IP地址 [R2]dhcp enable [R2]ip pool jishu Info: It's successful to create an IP address pool. [R2-ip-pool-jishu]network 192.168.1.0 mask 24 [R2-ip-pool-jishu]gateway-list 192.168.1.1 [R2-ip-pool-jishu]dns-list 192.168.2.254 [R2-ip-pool-jishu]excluded-ip-address 192.168.1.2 192.168.1.9 [R2-ip-pool-jishu]q [R2]ip pool gongcheng Info: It's successful to create an IP address pool. [R2-ip-pool-gongcheng]network 172.16.1.0 mask 24 [R2-ip-pool-gongcheng]gateway-list 172.16.1.1 [R2-ip-pool-gongcheng]dns-list 192.168.2.254 [R2-ip-pool-gongcheng]excluded-ip-address 172.16.1.2 172.16.1.9 [R2-ip-pool-gongcheng]q [R2]ip pool jishu [R2-ip-pool-jishu]q [R2]int g0/0/0 [R2-GigabitEthernet0/0/0]dhcp select global [R2-GigabitEthernet0/0/0]int g0/0/1 [R2-GigabitEthernet0/0/1]dhcp select global

[R1]dhcp enable Info: The operation may take a few seconds. Please wait for a moment.done. [R1]int g0/0/0 [R1-GigabitEthernet0/0/0]dhcp relay server-ip 192.168.2.2

配置dns服务器：

五、入侵实战

1、网络拓扑图

2、伪造dhcp服务器R4配置

[R4]dhcp enable Info: The operation may take a few seconds. Please wait for a moment.done. [R4]ip pool forget Info: It's successful to create an IP address pool. [R4-ip-pool-forget]network 192.168.1.0 mask 24 [R4-ip-pool-forget]gateway-list 192.168.1.1 [R4-ip-pool-forget]dns-list 192.168.1.8 [R4]int g0/0/0 [R4-GigabitEthernet0/0/0]dhcp select global [R4-GigabitEthernet0/0/0]q

3、伪造dns服务器配置

4、验证入侵结果

六、防御策略

1、交换机SW1的配置 [SW1]dhcp enable Info: The operation may take a few seconds. Please wait for a moment.done. [SW1]dhcp snooping enable [SW1]dhcp snooping enable vlan 1 [SW1]int g0/0/3 [SW1-GigabitEthernet0/0/3]dhcp snooping trusted [SW1-GigabitEthernet0/0/3]q

2、任务验证（IP地址更新）

dns服务器更新

七、任务总结

此次实验让我学习到了如何通过伪造dns服务器来劫持所转发的企业数据包，也学会了如何防范这种攻击。攻击者在局域网中设置一台恶意主机，其IP地址与合法的DHCP服务器相同或者伪装成合法的DHCP服务器。攻击者的恶意主机会快速响应DHCP请求，并提供虚假的IP地址、网关和DNS服务器等信息。这样，受害者主机就会错误地配置网络，并将其数据发送到攻击者的主机上。