Scribd
Upload
18 views6 pages

LAN Security: MAC Flooding & Spoofing

lab1.pdf

Uploaded by

boblim508
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
18 views6 pages

LAN Security: MAC Flooding & Spoofing

lab1.pdf

Uploaded by

boblim508
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

ICT2203 Network Security

2020-2021 Trimester 3

Laboratory 1:
Attacks and Defense of LAN with Switches Part 1

LEARNING OUTCOMES

Upon completion of this laboratory exercise, you should be able to:

• Conduct and defend against MAC flooding attack


• Conduct and defend against switch spoofing attack

REQUIRED HARDWARE

• 1 x Rack of Cisco network devices


• 1 x Box of Ethernet and console cables
• 3 x Laptops

REQUIRED SOFTWARE

• Tera Term 4.105 @ [Link]


• Kali Linux (Live) in bootable USB drive

EXERCISE 1: CONDUCTING AND DEFENDING AGAINST MAC FLOODING ATTACK

1.1: Conducting MAC Flooding Attack using macof

1.1.1 Setup up the network topology as shown:

1
This study source was downloaded by 100000900209603 from [Link] on 08-25-2025 [Link] GMT -05:00

[Link]
ICT2203 Network Security

1.1.2 Boot up host A, B and C in Kali Linux and assign suitable IP addresses
manually.

1.1.3 Ping host B and C from A, and vice versa, to ensure your setup is working
correctly.

1.1.4 Before commencing MAC flooding attack, connect any laptop to the console
port of the switch to observe the MAC address table, e.g. as shown in Lab 1
Notes pg 11 and 13.

1.1.5 Start a terminal in Kali Linux at host C to install macof as shown:

1.1.6 For testing purpose, launch macof to send 5 Ethernet frames with random
source MAC addresses as shown in Lab 1 Notes pg 10.

1.1.7 Show the MAC address table again. What do you observe?

1.1.8 Now, modify the parameters of macof to conduct MAC flooding attack. Refer
to [Link] on the use of macof.

1.1.9 Show the MAC address table again. What do you observe?

2
This study source was downloaded by 100000900209603 from [Link] on 08-25-2025 [Link] GMT -05:00

[Link]
ICT2203 Network Security

1.1.10 Start Wireshark in Kali Linux at host C. (You are advised to stop macof before
starting Wireshark to prevent crashing Wireshark.)

1.1.11 Ping host B from A, and vice versa. Can your Wireshark capture the ping
packets? Why or why not? Explain.

1.1.12 If you could not capture the ping packets in 1.1.11, find out the problem and
resolve it so that you are able to demonstrate successfully the conduct of
MAC flooding attack and capturing of ping packets.

1.2: Defending MAC Flooding Attack using Port Security

1.2.1 Try enabling different options of Port Security as discussed in Lab 1 Notes pg
15-19.

1.2.2 When done, show the MAC address table before MAC flooding attack.

1.2.3 Launch macof to conduct MAC flooding attack again.

1.2.4 What happen to the port connected to host C now after MAC flooding attack?

1.2.5 Show the MAC address table again. What do you observe?

1.2.6 Do you think Port Security is a good defense against MAC flooding attack?
Briefly explain.

3
This study source was downloaded by 100000900209603 from [Link] on 08-25-2025 [Link] GMT -05:00

[Link]
ICT2203 Network Security

EXERCISE 2: CONDUCTING AND DEFENDING AGAINST SWITCH SPOOFING ATTACK

2.1: Conducting Switch Spoofing Attack using Yersinia

2.1.1 Setup the network topology as shown:

2.1.2 Configure the switch ports connected to Server 1 in VLAN 10, Server 2 in VLAN
20, and 802.1Q trunk between the two switches as shown in the diagram.
Leave all other switch ports in default VLAN 1 dynamic auto mode.

Note: If you need help, refer to ICT1010 Lab on Configuring VLANs and
Trunking.

2.1.3 Configure the router to support inter-VLAN routing, specifically router-on-a-


stick.

Note: If you need help, refer to ICT1010 Lab on Configuring Routers and
Layer-3 Switch for Inter-VLAN Routing.

2.1.4 Boot up Server 1, Server 2 and attacker's host in Kali Linux.

2.1.5 Assign suitable IP addresses to Server 1 and 2 manually.

2.1.6 Ping Server 2 from Server 1, and vice versa, to ensure your setup is working
correctly.

2.1.7 Before commencing switch spoofing attack, show the mode of the interface
connected to the attacker's host as shown in Lab 1 Notes pg 26.

4
This study source was downloaded by 100000900209603 from [Link] on 08-25-2025 [Link] GMT -05:00

[Link]
ICT2203 Network Security

2.1.8 Start a terminal in Kali Linux at attacker's host to install Yersinia as shown:

2.1.9 Launch Yersinia in interactive or graphical mode as shown in Lab 1 Notes pg


24-25 to conduct switch spoofing attack.

2.1.10 Show the mode of the interface connected to the attacker's host again after
switch spoofing attack. What do you observe?

2.1.11 Start Wireshark in Kali Linux at attacker's host.

2.1.12 Ping Server 2 from Server 1, and vice versa. Can your Wireshark capture the
ping packets? Why or why not? Explain.

2.1.13 If you could not capture the ping packets in 2.1.12, find out the problem and
resolve it so that you are able to successfully capture at least one ping packet.

5
This study source was downloaded by 100000900209603 from [Link] on 08-25-2025 [Link] GMT -05:00

[Link]
ICT2203 Network Security

2.2: Defending against Switch Spoofing Attack

2.2.1 Implement defense against switch spoofing attack as discussed in Lab 1 Notes
pg 27-28.

2.2.2 Launch Yersinia to conduct switch spoofing attack again.

2.2.3 Show the mode of the interface connected to the attacker's host after the
switch spoofing attack. What do you observe?

2.2.4 Do you think the recommended defenses are effective against switch
spoofing attack? Briefly explain.

6
This study source was downloaded by 100000900209603 from [Link] on 08-25-2025 [Link] GMT -05:00

[Link]
Powered by TCPDF ([Link])

You might also like