Mitnick Attack lab
Slide 1 of 1
-
attachment_1attachment_1
Unformatted Attachment Preview
Quiz8_The Mitnick Attack Lab
The objective of this lab is to recreate the classic Mitnick attack, so students can gain the first-hand
experience on such an attack. We will emulate the settings that was originally on ShimomuraÊcomputers, and then launch the Mitnick attack to create a forged TCP session between two of
Shimomuraàcomputers. If the attack is successful, we should be able to run any command on
Shimomuraàcomputer.
This lab covers the following topics:
CP session hijacking attack
CP three-way handshake protocol
he Mitnick attack
emote shell rsh
acket sniffing and spoofing
uild and launch the network
Notice the network has 3 machines
1. Attacker-10.9.0.105
2. Trusted-server-10.9.0.6
3. X-terminal-10.9.0.5
Before the attack, we need to set up the trusted relationshop between X-Terminal ( 10.9.0.5 ) and
Trusted Server ( 10.9.0.6 ).
ogin to x-terminal and trusted server
n X-Terminal: Set up the trust relationship
n Trusted Server: Verify the trust relationship
Task 1: Simulated SYN flooding
o to X-Terminal, and add an ARP entry for 10.9.0.6 (trusted server). We can use a fake MAC
address.
Task 2: Spoof TCP Connections and rsh Sessions
o launch the attack, we need to do the following:
tep 1: Spoof a SYN packet from Trusted server to X-terminal.
Notice that srv-port must be 1023
tep 2: Step 1 will trigger X-Terminal to send out a SYN+ACK. We need to spoof an ACK to finish
the handshake protocol.
tep 3: After sending the ACK, the connection will be established. We will then send out the RSH
data using this connection.
¨Create a to the trusted server, then from that connection (while code is running), type: su seed,
then rsh 10.9.0.5 date, then monitor output on the other trusted server terminal
ou can see that after getting the RSH data, X-Terminal will initiate the second connection and
send it to the Trusted Server. We need to spoof an ACK. If this connection cannot be
established, X-Terminal will abort. , then try the code below
hen complete Task 3 (Task 3: Set Up a Backdoor)
Purchase answer to see full
attachment
The objective of this lab is to recreate the classic Mitnick attack, so students can gain the first-hand
experience on such an attack. We will emulate the settings that was originally on ShimomuraÊcomputers, and then launch the Mitnick attack to create a forged TCP session between two of
Shimomuraàcomputers. If the attack is successful, we should be able to run any command on
Shimomuraàcomputer.
This lab covers the following topics:
CP session hijacking attack
CP three-way handshake protocol
he Mitnick attack
emote shell rsh
acket sniffing and spoofing
uild and launch the network
Notice the network has 3 machines
1. Attacker-10.9.0.105
2. Trusted-server-10.9.0.6
3. X-terminal-10.9.0.5
Before the attack, we need to set up the trusted relationshop between X-Terminal ( 10.9.0.5 ) and
Trusted Server ( 10.9.0.6 ).
ogin to x-terminal and trusted server
n X-Terminal: Set up the trust relationship
n Trusted Server: Verify the trust relationship
Task 1: Simulated SYN flooding
o to X-Terminal, and add an ARP entry for 10.9.0.6 (trusted server). We can use a fake MAC
address.
Task 2: Spoof TCP Connections and rsh Sessions
o launch the attack, we need to do the following:
tep 1: Spoof a SYN packet from Trusted server to X-terminal.
Notice that srv-port must be 1023
tep 2: Step 1 will trigger X-Terminal to send out a SYN+ACK. We need to spoof an ACK to finish
the handshake protocol.
tep 3: After sending the ACK, the connection will be established. We will then send out the RSH
data using this connection.
¨Create a to the trusted server, then from that connection (while code is running), type: su seed,
then rsh 10.9.0.5 date, then monitor output on the other trusted server terminal
ou can see that after getting the RSH data, X-Terminal will initiate the second connection and
send it to the Trusted Server. We need to spoof an ACK. If this connection cannot be
established, X-Terminal will abort. , then try the code below
hen complete Task 3 (Task 3: Set Up a Backdoor)
Purchase answer to see full
attachment
Explanation & Answer:
1000 words
User generated content is uploaded by users for the purposes of learning and should be used following our honor code & terms of service.
Have a similar assignment? "Place an order for your assignment and have exceptional work written by our team of experts, guaranteeing you A results."
