Lab> Matching on MAC address in iptables
-m mac --mac-source <MAC address>
Client(Admin)                          MITM                          Server
[Victim1(WinXP)] <-- 192.168.108.2 [Attacker] 192.168.108.105 --> [Victim2(CentOS7)]
192.168.108.105                  192.168.108.102                  192.168.108.100
00:0c:29:0e:30:1e                00:0c:29:e6:4d:4a                00:0c:29:1c:3a:76
Victim2# iptables -F
Victim2# iptables -A INPUT -m mac --mac-source 11:22:33:44:55:66 -j ACCEPT
Victim2# iptables -nL INPUT
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 MAC 11:22:33:44:55:66
iptables -F
iptables -A INPUT -m state --state INVALID -j DROP
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 192.168.108.1 -j ACCEPT
iptables -A INPUT -s 192.168.108.105 -m mac --mac-source 00:0c:29:0e:30:1e -j ACCEPT
iptables -A INPUT -j DROP
Victim2# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all -- 192.168.108.1 0.0.0.0/0
ACCEPT all -- 192.168.108.105 0.0.0.0/0 MAC 00:0C:29:0E:30:1E
DROP all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Attacker# ssh -b 192.168.108.105 192.168.108.100
<-- Connection fails (Victim2 accepts the connection only when both the IP address and
the MAC address match; here only the IP address matches, so the connection is denied.)
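
The accept/drop decision above can be reproduced offline. The following is an added example, not part of the original post, that models first-match evaluation of the INPUT rules on this page; the function name `verdict` and the sample packets are constructed for illustration, and only the options used here (-s, --mac-source, --state, -j) are handled.

```shell
#!/bin/sh
# Offline model of the INPUT chain built above. It never touches the real firewall.
# Rule specs copied from the page's "iptables -A INPUT ..." commands, in order.
RULES='-m state --state INVALID -j DROP
-m state --state ESTABLISHED,RELATED -j ACCEPT
-s 192.168.108.1 -j ACCEPT
-s 192.168.108.105 -m mac --mac-source 00:0c:29:0e:30:1e -j ACCEPT
-j DROP'

# verdict STATE SRC_IP SRC_MAC
# Prints the target of the first rule whose conditions ALL match the packet,
# or the chain policy (ACCEPT on this page) when no rule matches.
# Assumption: -s is compared as an exact address (no CIDR handling).
verdict() {
    printf '%s\n' "$RULES" | awk -v st="$1" -v ip="$2" -v mac="$3" '
    {
        ok = 1; target = ""
        for (i = 1; i <= NF; i++) {
            # Every option in a rule must match; one mismatch skips the rule.
            if ($i == "-s" && $(i+1) != ip) ok = 0
            if ($i == "--mac-source" && tolower($(i+1)) != tolower(mac)) ok = 0
            if ($i == "--state" && index("," $(i+1) ",", "," st ",") == 0) ok = 0
            if ($i == "-j") target = $(i+1)
        }
        if (ok) { print target; found = 1; exit }
    }
    END { if (!found) print "ACCEPT" }'
}

# Constructed packets: connection state, source IP, source MAC.
verdict NEW 192.168.108.105 00:0c:29:0e:30:1e   # Victim1: IP and MAC both match
verdict NEW 192.168.108.105 00:0c:29:e6:4d:4a   # same IP, but the Attacker NIC MAC
```

The second packet fails the `--mac-source` condition of the fourth rule and falls through to the final `-j DROP`, which is the behaviour seen in the `ssh -b` test.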