Experiment Science and Technology, Volume. 22, Issue 2, 1(2024)
Design of DHCP Multi-level Experiment Based on eNSP, VirtualBox and Kali
Figures & Tables(18)
Table 1. [in Chinese]
View tableView in ArticleTable 1. [in Chinese]
实验项目 核心配置 实验结果 实验1 dhcp enable interface GigabitEthernet0/0/0 ip address 11.1.1.1 255.255.255.0 dhcp select interface dhcp server excluded-ip-address 11.1.1.2 dhcp server lease day 8 hour 0 minute 0 dhcp server dns-list 11.1.1.2 
实验2 dhcp enable ip pool dhcp1 gateway-list 192.168.1.254 network 192.168.1.0 mask 255.255.255.0 excluded-ip-address 192.168.1.10 lease day 8 hour 0 minute 0 dns-list 114.114.114.114 interface GigabitEthernet0/0/0 ip address 192.168.1.1 255.255.255.0 dhcp select global 
Table 2. [in Chinese]
View tableView in ArticleTable 2. [in Chinese]
实验项目 核心配置 实验结果 实验4 #路由器R1配置: dhcp enable ip pool dhcp_vlan10 gateway-list 192.168.10.254 network 192.168.10.0 mask 255.255.255.0 #dhcp_vlan20地址池配置与dhcp_vlan10类似 interface GigabitEthernet0/0/0 ip address 192.168.100.1 255.255.255.0 dhcp select global ip route-static 192.168.10.0 255.255.255.0 192.168.100.2 ip route-static 192.168.20.0 255.255.255.0 192.168.100.2 #交换机LSW3配置: interface Vlanif10 ip address 192.168.10.254 255.255.255.0 dhcp select relay dhcp relay server-ip 192.168.100.1 #虚接口Vlanif20的配置与Vlanif10类似 interface Vlanif100 ip address 192.168.100.2 255.255.255.0 interface GigabitEthernet0/0/1 port link-type access port default vlan 10 #GigabitEthernet0/0/2与GigabitEthernet0/0/1配置类似 PC3: 
实验5 WindowsServer服务器配置和前面类似,本项目需要建2个作用域;作用域[192.168.30.0] dhcp_vlan30、作用域[192.168.40.0] dhcp_vlan40 #交换机LSW4配置: interface Vlanif30 ip address 192.168.30.254 255.255.255.0 dhcp select relay dhcp relay server-ip 192.168.56.2 #虚接口Vlanif40配置与Vlanif30类似 interface GigabitEthernet0/0/1 port link-type access port default vlan 10 #GigabitEthernet0/0/2、GigabitEthernet0/0/3的配置与#GigabitEthernet0/0/1类似 PC4: 
Table 3. [in Chinese]
View tableView in ArticleTable 3. [in Chinese]
核心配置 实验结果 合法 #LSW5、LSW6配置省略,可参见实验4 #合法DHCP服务器配置代码: dhcp enable ip pool dhcp_vlan10 gateway-list 192.168.10.254 network 192.168.10.0 mask 255.255.255.0 excluded-ip-address 192.168.10.253 lease day 8 hour 0 minute 0 dns-list 8.8.8.8 interface GigabitEthernet0/0/0 ip address 192.168.100.1 255.255.255.0 dhcp select global ip route-static 192.168.10.0 24 192.168.100.2 PC5获得合法DHCP服务器分配地址: 
非法 #仿冒服务器配置代码: dhcp enable ip pool dhcp_vlan10 gateway-list 192.168.10.253 network 192.168.10.0 mask 255.255.255.0 excluded-ip-address 192.168.10.254 lease day 8 hour 0 minute 0 dns-list 1.1.1.1 interface GigabitEthernet0/0/0 ip address 192.168.10.253 255.255.255.0 dhcp select global PC5获得非法DHCP服务器分配地址: 
Table 4. [in Chinese]
View tableView in ArticleTable 4. [in Chinese]
实验名称 DHCP 仿冒攻击的防御 饿死攻击的防御 核心配置 #LSW5配置 dhcp snooping enable interface Ethernet0/0/1 dhcp snooping enable interface GigabitEthernet0/0/1 dhcp snooping trusted #LSW6配置与LSW5类似 #LSW7配置 #在可能攻击的交换机端口上进行相应配置,以Ethernet0/0/1为例 interface Ethernet0/0/1 dhcp snooping enable #解决dhcpstarv攻击 dhcp snooping check dhcp-chadd enable #解决yersinia攻击 port-security enable port-security max-mac-num 5 port-security protect-action shutdown
Tools
Get Citation
Copy Citation Text
Nan JIA, Lei SHI, Jingxia GUO, Li XU, Jinniu BAI. Design of DHCP Multi-level Experiment Based on eNSP, VirtualBox and Kali[J]. Experiment Science and Technology, 2024, 22(2): 1
Paper Information
Category:
Received: Nov. 20, 2022
Accepted: --
Published Online: May. 21, 2024
The Author Email: Jinniu BAI (白金牛)
© Copyright 2018-2021 | Chinese Laser Press.
All Rights Reserved 沪ICP备15018463号-20