Good evening friends. We have seen how to create a virtual pentest lab both in Oracle VirtualBox (see here) and Vmware Workstation(see here). Although both penetration testing labs were almost similar, there is a small difference between them . As the title of this howto already implies it is the absence of DHCP server in the pentest lab we created using Virtualbox. VirtualBox provides a DHCP server but it can’t be turned on using the GUI feature unlike Vmware Workstation. So let’s see how to enable DHCP server in Virtualbox networks. I am going to assign DHCP server to my pentest lab I created above. I will assume that virtualbox is installed on Windows. Open CMD and navigate to the directory where Virtualbox is installed. By default it will be “C:Program Files OracleVirtualBox”. Type the command “vboxmanage dhcpserver add –ip 10.10.10.1 –netmask 255.0.0.0 –lowerip 10.10.10.2 –upperip 10.10.10.10 –netname pentestlab”. Hit Enter.
In the above command, “vboxmanage dhcpserver add –ip 10.10.10.1” starts a DHCP server with IP address 10.10.10.1 . The “–netmask 255.0.0.0″ assigns subnet mask for the network. The “–lowerip” and “–upperip” options assign a lower ip address and upper ip address respectively. The “–enable” option enables the DHCP server we just created. The “–netname” option assigns a name to the network. Now we have successfully created an internal network named pentest lab with its own DHCP server. Now change the network adapter settings of the attacker machine ( Kali Linux ) to pentest lab.
Similarly change the network settings of the victim machine.
Now start the attacker machine (Kali Linux) to see if the IP address is automatically assigned. If the IP address has not been assigned, disable the adapter using command “ifdown eth0″ and re enable it by typing command “ifup eth0″. Now check if the IP address has been assigned or not by typing command “ifconfig”.
Similarly check on the victim machine.
We can see that the IP addresses have been automatically assigned successfully starting from the range of 10.10.10.2. Hope this was helpful.
There are a few tuts available for Packet tracer on internet but I have made this guide keeping absolute beginners in mind and when I say absolute beginners, I mean really absolute beginners. In this guide we are going to create a star topology and see the difference between hub and a switch.
To those people who don’t know what Packet Tracer is, it is a software developed by Cisco that can simulate networks and can be really helpful for people preparing for CCNA. See How to install Packet Tracer in Windows and Linux.
So Let’s start our tutorial. Open Packet Tracer. On the lower left corner, there are components required for creating a network. There are routers, switches, End devices, Hubs, Wireless Devices, Connections etc.
Click on “Hubs”. To the right, you should see types of hubs displayed. Click on the first type ‘Generic‘, move your mouse to the workspace above and click on the point you want to place your hub.
Click on the hub we just placed in our workspace. You are shown the physical view of the hub and it is a physical view literally. You can even see the Power button of the hub.
Click on the “Config” tab just beside the “Physical” tab. You are shown the global settings of the hub. You can change the display name of the hub hers. Change it from “Hub0″ to “Hub”. Then close it.
Now we are going to place five computers around the hub to form Hub and Spoke topology. From the components on the lower left corner click on “Enddevices”. From the options displayed, click on the first choice called “Generic” hold “CTRL” key and click on the workspace at five points around the hub where you want to place your computers. This is a shortcut to place many devices.
Click on any “PC”. You should see something similar to “CPU”.This is the physical view of the PC. We can even see the Power button.
Click on the “Config” tab beside “Physical” tab. On the global settings, change the name of the PC to “PC 1″. On gateway/DNS select “DHCP”. We will set up a DHCP server to assign IP addresses to the PC’s. You can have a look at other tabs beside “Config” tab.
Perform this action for other PC’s also and name them differently. Then from “End Devices”select “Server” and place it on the workspace as below.
Click on “Server”. Go to “Config” tab. We can see the services which can be configured on our servers HTTP, DHCP etc etc.
Click on “DHCP”. Keep the Pool name, default gateway and DNS server same. Give “starting IP address” as “192.168.0.1″ and “subnet mask” as “255.255.255.0″. Turn on DHCP service if it is OFF. Click on “Save”.
Click on the interface “FastEthernet” to the left. Set IP configuration as static and give “IP address” as 192.168.0.1 and “subnet mask” as “255.255.255.0″. Close the window.
Now we are going to connect our devices. In the components to the lower left corner, Click on “Connections”.
Different types of cabling are displayed. Here’s where Packet tracer assists in our learning abilities. If you are not sure what type of wiring to use, click on the first choice ‘automatic‘. Then on the workspace, click on “Server” and then click on the “Hub”. A connection is established. If the connection end points are red, then there is some problem with your wiring. If end points show green, then your wiring is alright.( We learn that we have to use copper straight through cabling in Star Topology.)
Do the same for all connections.
After some time, IP addresses are assigned to all systems by the DHCP server. Hover the mouse over the systems to check if IP addresses are assigned or not.
Now let’s see the functioning of the hub. Click on “Simulation” beside “Realtime” as shown below.
The Event List window will open. Click on “Edit Filters”. We will see various protocols.
Deselect “Show All/None” option. All options are deselected. Then Select ICMP option. What we are doing is trying to ping the machine.
Close the Event List window.
Click on “Add Simple PDU” as shown below. When we move the mouse on the workspace we can see a white envelope moving along with the mouse.
First click on the sending device( Click on “PC0″). Then select the receiving device( Click on the “Server”). It should be clear to you that we are pinging the server from PC0. Our screen would like this.
We will now see how packets travel from PC0 to the Server. Click on “Capture/Forward” as shown below.
Click on “Capture/Forward”again. The ping travels from PC0 to the hub.
Click on “Capture/Forward” again. The hub forwards the frame on all the ports, except the port through which the frame came in. All hosts except Server discard the frame since it is not addressed to them.
Click on “Capture/Forward”. The server forwards a frame to the hub.
Click on “Capture/Forward”. The hub once again forwards the frame on all ports except the input port. All hosts except PC0 discard it since it is not addressed to them. The simulation success message is shown as below.
To see the list of complete events undergone in this communication, Click on “Event List” as shown below.
As already seen Hubs forward a frame they receive on all the outbound ports except the port through which it received the frame. When connected using hubs, the host devices share same bandwidth of the medium. Since they share the same bandwidth, hosts can send frames at the same time on the medium which can result in collisions. In order to prevent frame collisions, Ethernet uses “Carrier Sense Multiple Access/Collision detect(CSMA?CD)”. Of course this prevents collisions but it still consumes a lot of bandwidth. The only solution is to this problem is to make the collision domain as small as possible.
Let’s see how.
Click on “Delete” as shown below.
Click on the hub. This will delete the hub and also the connections.
Replace it with a “2960″ switch and make the connections in the same way as done previously.
Add a simple ICMP PDU as done previously.
Click on “Capture/Forward”. The first frame travels to the switch.
Click on “Capture/Forward” again. The switch forwards the frame only to the Server, it’s intended destination.
Subsequently the frame is forwarded to switch which forwards it to PC0 thus completing the communication.
Now How does this happen?
This happens because a switch creates only one collision domain per port forwarding frames only on the outbound port that reaches the destination of the frame. Since the hosts work in their own isolated collision domain, frames will never collide thus solving the problem of collisions.