Dynamic Host Configuration Protocol

All posts tagged Dynamic Host Configuration Protocol

Good evening friends. We have seen how to create a virtual pentest lab both in Oracle VirtualBox (see here) and Vmware Workstation(see here). Although both penetration testing labs  were almost similar, there is a small difference between them . As the title of this howto already implies it is the absence of DHCP server in the pentest lab we created using Virtualbox. VirtualBox provides a DHCP server but it can’t be turned on using the GUI feature unlike Vmware Workstation. So let’s see how to enable DHCP server in Virtualbox networks. I am going to assign DHCP server to my pentest lab I created above. I will assume that  virtualbox is installed on Windows. Open CMD and navigate to the directory where  Virtualbox is installed. By default it will be “C:Program Files OracleVirtualBox”. Type the command “vboxmanage dhcpserver add –ip 10.10.10.1 –netmask 255.0.0.0 –lowerip 10.10.10.2 –upperip 10.10.10.10 –netname pentestlab”. Hit Enter.

vd1

 

In the above command, “vboxmanage dhcpserver  add –ip 10.10.10.1” starts a DHCP server with IP address 10.10.10.1 . The “–netmask 255.0.0.0″ assigns subnet mask for the network. The “–lowerip” and “–upperip” options assign a lower ip address and upper ip address respectively.   The “–enable” option enables the DHCP server we just created. The “–netname” option assigns a name to the network. Now we have successfully created an internal network named pentestlab with its own DHCP server. Now change the network adapter settings of the attacker machine ( Kali Linux ) to pentestlab.

vd2

 

Similarly change the network settings of the victim machine.

vd3

 

Now start the attacker machine (Kali Linux) to see if the IP address is automatically assigned. If the IP address has not been assigned, disable the adapter using command “ifdown eth0″ and re enable it by typing command “ifup eth0″. Now check if the IP address has been assigned or not by typing command “ifconfig”.

vd4

 

Similarly check on the victim machine.

vd5

 

We can see that the IP addresses have been automatically assigned successfully starting from the range of 10.10.10.2. Hope this was helpful.

Understanding subnetting is very important not only for those preparing for CCNA exam but also network administrators. Today, I am going to teach you how to create a subnet in a network. For this, I will use Packet Tracer software. To know what is subnetting and why we need it go here. So let’s start.

Imagine I formed a small software company named shunya whose network looks like below. I hired one Java developer, one software tester, one HR and one network administrator. I have been assigned the IP address range from 192.168.10.1 to 192.168.10.255.

subnet1

 

I have enabled DHCP on my router as below.

subnet2

 

subnet3

After one year, imagine my company has received Abrahamic blessings from GOD and has seen rapid growth. Now the company has three Java developers, three software testers and  a dedicated HR team. Not only that, my company now has moved into Remote Infrastructure Management(RIM) and has a Network Operation Center(NOC) and Security Operation Center(SOC).  Total I have 15 computers in my network which looks like below.

subnet4

 

Now see the image below. Here the machine “JD1″ sends a packet to machine “Testing3″. We can see here that for communication between machines “JD1: and “Testing3″ other machines have also been disturbed.

subnet5

 

So for this reason, I decided to subnet the network. I decide to divide the network into three subnets as shown below.

subnet6

 

To create a subnet, first we need to have proper planning as to how many subnets we need and how many we may need in the future. Presently, I need three subnets. The number of subnets should always be calcutated in the powers of 2.

2 to the power of 1 = 2

This doesn’t satisfy our requirement as we need three subnets.

2 to the power of 2 = 4

This satisfies our requirement. So we need to take two bits from the host portion of the IP address. 192.168.10.1 to 192.168.10.255 is the address range available to us with subnet mask 255.255.255.0,  Writing the subnet mask in the binary notation, it is

11111111 11111111 11111111 00000000

 255            255          255             0  

The first 24 bits are network bits and the last eight bits are host bits. To create three subnets, we need to take two bits from the host portion of the address as explained above.

11111111 111111111 11111111 11000000

   255              255            255         192

Four subnets which can be created from the above subnet mask are,

192.168.10.0 to 192.168.10.63 ( with host bits 00000000 )

192.168.10.64 to 192.168.10.127 ( with host bits 01000000 )

192.168.10.128 to 192.168.10.191 ( with host bits 10000000 )

192.168.10.192 to 192.168.10.255 ( with host bits 11000000 )

Since we require only three subnets, we will create the first three subnets. The first subnet ( 192.168.10.1 to 192.168.10.63 ) comprises of Java Developers and Software testers. The commands are as below on the interface.

subnet7

 

If you go to any machine on this subnet and look at its IP address, it will be like below.

subnet8

Now the subnet for the Human Resource Department ( 192.168.10.128 to 192.168.10.191 ) . This will be like below.

subnet9

 

 

subnet10

 

The third subnet ( 192.168.10.64 to 192.168.10.127 ) comprises of NOC and SOC.

subnet11

 

 

subnet12

 

 

Now our network has been successfully subnetted into three subnets and we still have another subnet to use for future use.

subnet13

 

 

Hope this was helpful. If you have any doubts regarding this article please comment below. Thank you.

 

I am self learning for CCNA. A few months back, I got a thought if we can simulate routers in Vmware Workstation. While I was searching for it I found a different solution, GNS3. After simulating routers in GNS3 and practising CLI interface, I had another idea if we can simulate CISCO Graphical User Interface on our PC. This article is  result of that.

In this article, we are not only going to see how to connect Vmware and GNS3 but also see how to simulate CISCO Graphical user Interface (GUI). For this I use,

1. Vmware Workstation 9.

2. Windows XP as Guest OS.

3. Cisco Security Device Manager v25.

4. GNS3.

5.  C7200 Router Image.

Open Vmware Workstation. On the menu Select “Edit>Virtual Network Editor”. On the Virtal network editor, click on “Vmnet1″ network. It is a default Host-only type network adapter of Vmware. Observe its settings. Enable DHCP server.

vmgns1

 

Install Windows XP as a guest. On its virtual machine settings, change the network adapter to “Vmnet1″.

vmgns2

 

Power on the machine. Install Cisco SDM ( I leave the getting Cisco SDM part to you ). Open CMD and type “ipconfig” to see its IP address. Take note of this.

vmgns3

Open GNS3. Click on “Browse all devices”.

vmgns4

 

Select Router “c7200″ and drag it to the workspace. Do the same with “Cloud”.

vmgns5

 

Close the All Devices tab. Right click on the Cloud.  Select “Configure”, a ‘node configurator’ window will open. On this window, click on “C1″.

vmgns6

On the NIO Ethernet tab, in the “Generic Ethernet NIO tab” dropdown menu, select our network adapter (Vmnet1) from the dropdown menu and click on “Add”. Click on “OK” to close the window.

vmgns7

Right click on the router. Select “Configure”, click on “R1″. Select slots tab. In the Slot 1 dropdown menu, select “PA-4E”. Click on Apply an close the window. The selection PA-4E creates four Ethernet ports on the router. Right click on the router and start the router.

vmgns8

Add a link from “cloud( Vmnet1)” adapter to the “e1/0″ port on the router.

vmgns9

Hover your mouse over the router. We can see all the ports.

vmgns10

Similarly hover your mouse over the cloud to see its connections.

vmgns11

 

Right click on the router and select “Console”. In the global configuration mode, type the following commands.

ip http server”

ip http secure-server”

These commands set up http and https servers respectively which are needed for Cisco SDM.

vmgns12

Type the command “interface Ethernet 1/0″. We are entering into specific configuration mode of our connected interface. Type the command “ip address 192.168.10.3 255.255.255.0″. This sets the interface IP address and subnet mask. Make sure the router IP address is in the same subnet as that of our guest OS in Vmware workstation. Type “no shut” and exit to the privileged mode.

vmgns13

Let’s ping our guest from the router. to ensure that we are connected to Vmware Guest.

vmgns14

Since success rate is 100%  we have successfully connected Vmware and GNS3. Now let’s do the Cisco SDM part. On our Guest machine click on Cisco SDM. A SDM launcher window will open. Type the IP address of the router and click on Launch.

n16

 

Internet Explorer will open as below. Make sure Internet Explorer is configured to allow pop ups and to allow Activex to run from the computer.

n17

 

After some time the following popup will open. Don’t close it.

n18

 

Then we might see a certificate warning. Click on Yes.

n19

 

After some processing, Cisco SDM will open.

n20

 

We have successfully simulated Cisco GUI on our PC. Happy practice friends.


There are a few tuts available for Packet tracer on internet but I have made this guide keeping absolute beginners in mind and when I say absolute beginners, I mean really absolute beginners. In this guide we are going to create a star topology  and see the difference between hub and a switch.

To those people who don’t know what Packet Tracer is, it is a software developed by Cisco that can simulate networks and can be really helpful for people preparing for CCNA. See How to install Packet Tracer in Windows and Linux.

So Let’s start our tutorial. Open Packet Tracer. On the lower left corner, there are components required for creating a network. There are routers, switches, End devices, Hubs, Wireless Devices, Connections etc.

ptsgb1

 

Click on “Hubs”. To the right, you should see types of hubs displayed. Click on the first type ‘Generic‘, move your mouse to the workspace above and click on the point you want to place your hub.

ptsgb2

Click on the hub we just placed in our workspace. You are shown the physical view of the hub and it is a physical view literally. You can even see the Power button of the hub.

ptsgb3

 

Click on the Config” tab just beside the “Physical” tab. You are shown the global settings of the hub. You can change the display name of the hub hers. Change it from “Hub0″ to “Hub”. Then close it.

ptsgb4

 

Now we are going to place five computers around the hub to form Hub and Spoke topology. From the components on the lower left corner click on “End devices”. From the options displayed, click on the first choice called “Generic” hold “CTRL” key and click on the workspace at five points around the hub where you want to place your computers. This is a shortcut to place many devices.

ptsgb5

 

Click on any PC”. You should see something similar to “CPU”. This is the physical view of the PC. We can even see the Power button.

ptsgb6

 

Click on the “Config” tab beside “Physical” tab. On the global settings, change the name of the PC to “PC 1″. On gateway/DNS select “DHCP”. We will set up a DHCP server to assign IP addresses to the PC’s. You can have a look at other tabs beside “Config” tab.

ptsgb7

 

Perform this action for other PC’s also and name them differently. Then from “End Devices” select “Server” and place it on the workspace as below.

ptsgb8

 

Click on “Server”. Go to “Config” tab. We can see the services which can be configured on our servers HTTP, DHCP etc etc.

ptsgb9

 

Click on “DHCP”. Keep the Pool name, default gateway and DNS server same. Give “starting IP address” as “192.168.0.1″ and “subnet mask” as “255.255.255.0″. Turn on DHCP service if it is OFF. Click on “Save”.

ptsgb10

 

Click on the interface “FastEthernet” to the left. Set IP configuration as static and give “IP address” as 192.168.0.1 and “subnet mask” as “255.255.255.0″. Close the window.

ptsgb11

 

Now we are going to connect our devices. In the components to the lower left corner, Click on “Connections”.

ptsgb12

 

Different types of cabling are displayed. Here’s where Packet tracer assists in our learning abilities. If you are not sure what type of wiring to use, click on the first choice automatic. Then on the workspace, click on Server” and then click on the “Hub”. A connection is established. If the connection end points are red, then there is some problem with your wiring. If end points show green, then your wiring is alright.( We learn that we have to use copper straigtht through cabling in Star Topology.)

ptsgb13

 

Do the same for all connections.

ptsgb14

 

After some time, IP addresses are assigned to all systems by the DHCP server. Hover the mouse over the systems to check if IP addresses are assigned or not.

ptsgb15

 

Now let’s see the functioning of the hub. Click on “Simulation” beside “Realtime” as shown below.

ptsgb16

 

The Event List window will open. Click on “Edit Filters”. We will see various protocols.

ptsgb17

 

Deselect “Show All/None” option. All options are deselected. Then Select ICMP option. What we are doing is trying to ping the machine.

ptsgb18

 

Close the Event List window.

ptsgb19

 

Click on “Add Simple PDU” as shown below. When we move the mouse on the workspace we can see a white envelope moving along with the mouse.

ptsgb20

 

First click on the sending device( Click on “PC0″ ). Then select the receiving device( Click on the “Server” ). It should be clear to you that we are pinging the server from PC0. Our screen would like this.

ptsgb21

 

We will now see how packets travel from PC0 to the Server. Click on “Capture/Forward” as shown below.

ptsgb22

 

Click on “Capture/Forward” again. The ping travels from PC0 to the hub.

ptsgb23

 

Click on “Capture/Forward” again. The hub forwards  the frame on all the ports, except the port through which the frame came in. All hosts except Server discard the frame since it is not addressed to them.

ptsgb24

 

Click on “Capture/Forward”. The server forwards a frame to the hub.

ptsgb25

 

Click on “Capture/Forward”. The hub once again forwards the frame on all ports except the input port. All hosts except PC0 discard it since it is not addressed to them. The simulation success message is shown as below.

ptsgb26

 

To see the list of complete events undergone in this communication, Click on “Event List” as shown below.

ptsgb27

 

As already seen Hubs forward a frame they receive on all the outbound ports except the port through which it received the frame. When connected using hubs, the host devices share same bandwidth of the medium. Since they share the same bandwidth, hosts can send frames at the same time on the medium which can result in collisions. In order to prevent frame collisions, Ethernet uses “Carrier Sense Multiple Access/Collision detect(CSMA?CD)”. Of course this prevents collisions but it still consumes a lot of bandwidth. The only solution is to this problem is to make the collision domain as small as possible.

Let’s see how.

Click on “Delete” as shown below.

ptsgb28

 

Click on the hub. This will delete the hub and also the connections.

ptsgb29

 

Replace it with a “2960″ switch and make the connections in the same way as done previously.

ptsgb30

 

Add a simple ICMP PDU as done previously.

ptsgb31

 

Click on “Capture/Forward”. The first frame travels to the switch.

ptsgb32

 

Click on “Capture/Forward” again. The switch forwards the frame only to the Server, it’s intended destination.

ptsgb33

 

Subsequently the frame is forwarded to switch which forwards it to PC0 thus completing the communication.

ptsgb34

 

Now How does this happen?

This happens because a switch creates only one collision domain per port forwarding frames only on the outbound port that reaches the destionation of the frame. Since the hosts work in their own isolated collision domain, frames will never collide thus solving the problem of collisons.

Microsoft has always been recommending the Server Core Installation for its servers over the full server installation. As is well known, Server Core Installation which is the minimal install of the server version reduces the space for attack vector by hackers. It also reduces the usage of resources. But the Server Core Installation makes administration intimidating as it requires the administrators to be a powershell expert.
With Windows Server 2012, Microsoft has introduced a new feature that would allow switching from Server GUI to Server Core Installation and vice versa. This enables administrators to install and configure the server in GUI and then switch to Server Core installation. Although there are many ways to switch from Server GUI to Server Core installation, the easiest way to perform this switching is by simple powershell commands. I am gonna show you how. For this, I have installed Windows Server 2012 standard GUI installation in Vmware workstation.

2012sgsc1

Then open powershell and type the command

Remove-windowsfeature Server-gui-shell,Server-gui-mgmt-infra” and hit Enter.

2012sgsc2

The process of disabling the GUI starts and the display is as same as below.

2012sgsc3

After a short time, the process is completed and it prompts you for a restart.

Restart the machine by typing “shutdown –R –T 0″ and hit ENTER.

2012sgsc4

After the reboot, the system asks for administrator passwordon entering which it switches to Server Core Installation.

2012sgsc5

To enable back the GUI, enter into powershell by typing command “powershell.exe” in the cmd and hit ENTER. In powershell, type the same command as above replacing Remove with Install and hit ENTER.

Install-windowsfeature server-gui-shell,server-gui-mgmt-infra”

2012sgsc6

After completing the process, the system prompts for a reboot. Reboot the system by typing command “shutdown –r  –t 0″ and hit ENTER.

The system successfully  switches over to Standard GUI installation.

2012sgsc8

Note:

Although the Server Core Installation is the preferred deployment, it does not support all roles. The roles supported by the server core installation are,

  • Active Directory Domain Services
  • Active Directory Certificate Services
  • DHCP server.
  • DNS server.
  • AD LDS
  • Hyper-V
  • Streaming Media services
  • Print and Document Services
  • Web server
  • Windows update server
  • Active Directory Rights Management Server
  • Routing and Remote Access Server.