Sunday, October 14, 2018

Lab 11

In this lab I looked at how to perform a man-in-the-middle attack, and I worked with subnets. The lab was also supposed to involve VLANs, but our lab environment did not allow us to use VLANs. Instead we just used 2 separate switches to achieve the same results.

Exercise 1

For this first exercise, I had to set up a secure HTTPS website.







Exercise 2

In this exercise I set up a man in the middle attack. This is basically a proxy that forces all the traffic through itself. Using this I can see all the traffic travelling between machines. Since the traffic here is HTTPS traffic secured with TLS, I can't see the contents.






Exercise 3

This exercise is where I get past the TLS encryption to see the contents of the traffic. Using sslstrip I can get an HTTP version of the site allowing me to see unsecured contents.




Exercise 4

In this exercise I set up network segmentation. Instead of using VLANs I just used 2 separate switches.
When I was setting up the VyOS router, config.bare did not exist. I figured out that it must just load a bare configuration without any network configuration, so I looked for another way to reset the configuration to have nothing. One option was to manually remove configurations, but the easiest way was to load the default configuration with this command:
config load /opt/vyatta/etc/config.boot.default

I then did the rest of the exercise and had everything communicating between subnets.






Exercise 5

For this exercise I used ARP poisoning to sniff traffic passing through the default gateway, which is the VyOS router.



Critical Thinking

Looking back on this lab, it really highlighted how simple it is to perform attacks on the network, and it shows how important using secure protocols and other methods to secure a network is. Businesses should make sure that their networks are designed in a secure way to reduce the chance of malicious attacks happening. This exercise also really shows how dangerous a normal unsecured network is. If you connect to public WiFi or similar, anybody could be intercepting your traffic and stealing information. Everybody should be taking measures to make sure that their traffic is properly secured.
