DNS - Laboratory for Computer Security Education 1 DNS...

Laboratory for Computer Security Education

DNS Pharming Attack Lab

Copyright © 2006 - 2009 Wenliang Du, Syracuse University. The development of this document is funded by the National Science Foundation’s Course, Curriculum, and Laboratory Improvement (CCLI) program under Award No. 0618680 and 0231122. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation. A copy of the license can be found at http://www.gnu.org/licenses/fdl.html.

1 Lab Overview

DNS (Domain Name System) is the Internet’s phone book; it translates hostnames to IP addresses (or IP addresses to hostnames). This translation is done through DNS resolution, which happens behind the scenes. DNS Pharming attacks manipulate this resolution process in various ways, with the intent of misdirecting users to alternative destinations, which are often malicious. The objective of this lab is to understand how such attacks work. Students will first set up and configure a DNS server, and then they will try various DNS Pharming attacks on a target that is also within the lab environment.

2 Lab Environment

We need to set up the lab environment as shown in the figure below. To simplify the lab environment, we let the user’s computer, DNS server, and attacker’s computer be on one physical machine, but using different virtual machines. The website used in this lab can be any website. Our configuration is based on Ubuntu, which is the operating system we use in our pre-built virtual machine.

          User               DNS Server              Attacker
      192.168.0.100         192.168.0.10          192.168.0.200
            |                       |                       |
            |_______________________|_______________________|
            |             LAN or Virtual Network            |
            |_______________________________________________|
                                    |
                                Internet

The above is the figure of the lab environment. As you can see, we set up the DNS server, the user machine and the attacker machine in the same LAN. We assume that the user machine’s IP address is 192.168.0.100, the DNS Server’s IP is 192.168.0.10 and the attacker machine’s IP is 192.168.0.200.

Note for Instructors: For this lab, a lab session is desirable, especially if students are not familiar with the tools and the environments. If an instructor plans to hold a lab session (by himself/herself or by a TA), it is suggested that the following be covered in the lab session [1]:

1. The use of the virtual machine software.
2. The use of Wireshark, Netwag, and Netwox tools.
3. Configuring the DNS server.

[1] We assume that the instructor has already covered the concepts of the attacks in the lecture, so we do not include them in the lab session.

2.1