Being able to change your IP address and other network information is a useful skill because it will help you access other networks while appearing as a trusted device on those networks. For example, in a denial-of-service (DoS) attack, you can spoof your IP so that that the attack appears to come from another source, thus helping you evade IP capture during forensic analysis. This is a relatively simple task in Linux, and it’s done with the ifconfig command.
Step 01 : Changing Your IP Address
To change your IP address, enter ifconfig followed by the interface name. For example, to assign the IP address 192.168.226.111 to interface eth0, you would enter the following:
#ifconfig eth0 192.168.181.115
When you do this correctly, Linux will simply return the command prompt and say nothing. When you again check your network connections with ifconfig, you should see that your IP address has changed to the new IP address you just assigned.
Step 02 : Changing Your Network Mask and Broadcast Address
You can also change your network mask (netmask) and broadcast address with the ifconfig command. For instance, if you want to assign that same eth0 interface with a netmask of 255.255.255.0 and a broadcast address of 192.168.1.255, you would enter the following:
#sudo ifconfig eth0 192.168.226.112 netmask 255.255.0.0 broadcast 192.168.1.255
Step 03 : Spoofing Your MAC Address
You can also use ifconfig to change your MAC address. The MAC address is globally unique and is often used as a security measure to keep hackers out of networks . Changing your MAC address to spoof a different MAC address is almost trivial and neutralizes those security measures. Thus, it’s a very useful technique for bypassing network access controls. Here’s an example:
#sudo ifconfig eth0 down
#sudo ifconfig eth0 hwether 00:11:22:33:44:55
#sudo ifconfig eth0 up
Now, when you check your settings with ifconfig, you should see that the mac address has changed to your new spoofed IP address!
Step 04 : Assigning New IP Addresses from the DHCP Server
Linux has a Dynamic Host Configuration Protocol (DHCP) server that runs a a process that runs in the background called dhcpd. The DHCP server assigns IP addresses to all the systems on the subnet and keeps log files of which IP address is allocated to which machine at any one time. This makes it a great resource for forensic analysts to trace hackers with after an attack. For that reason, it’s useful to understand how the DHCP server works.
To request an IP address from DHCP, simply call the DHCP server with the command dhclient followed by the interface you want the address assigned to. Different Linux distributions use different DHCP clients, but Kali is built on Debian, which uses dhclient. Therefore, you can assign a new address like this:
#sudo dhclient eth0
Depending on the configuration of the DHCP server, the IP address assigned in each case might be different.
Latest posts by Ruwantha Nissanka (see all)
- 4 ways to hide your identity using linux - January 18, 2021
- How To Install Kali Linux in Virtualbox - December 31, 2020
- Kali Linux : The OS That Hackers Use - December 31, 2020
- How to monitor user activity in Linux with Acct - December 30, 2020
- Debsecan : You will not miss another security update - December 28, 2020