DEV Community

fyyg8
fyyg8

Posted on

ANALYZING, MANAGING & UNDERSTANDING NETWORKS

-1. To change the IP address i.e. to assign an IP address to an interface.

  • Format: ifconfig <interface> <ip_addr>

  • Example: ifconfig eth0 192.168.220.128

-2. To assign network mask and a broadcast address to an interface.

  • Example: ifconfig eth0 192.168.220.128 netmask 255.255.0.0 broadcast 192.168.220.255 #-3. spoofing MAC address (steps) – always use down option to take down the interface then assign new physical address to the interface . 
ifconfig eth0 down
ifconfig eth0 hw ether 00:11:22:33:44:55
ifconfig eth0 up
Enter fullscreen mode Exit fullscreen mode

-4. Assigning new IP addresses from the DHCP server i.e. here we are making use of dhcpd (daemon or process) which is running in the background. We are going to use dhcpclient to request for an IP address for the specific interface. This is happening without shutting down the system or restarting it.

dhclient eth0

-5. Examine DNS

DNS is the service that translates a domain name example.com to the appropriate IP address. DNS information can be a key piece in reconnaissance. Information such as Target’s IP, email server, subdomains and respective IP addresses.
dig example.com ns
//this command will dig-out name server related information.
dig example.com mx
// will dig-out info on a domain mail exchange servers.

-6. Changing DNS server on the system

We need to edit a file called : /etc/resolv.conf using any text-editor . Add DNS IP such as 8.8.8.8 (Google’s Public DNS) or any DNS IP and save the file. DONE !!!
We can add any number of DNS server IP, our OS queries each DNS server listed in the order it appears in the file i.e. if one server doesn’t respond it will move to another and so forth.
NOTE: If one is using a DHCP address and the DHCP server provides a DNS setting which will replace the contents of the file /etc/resolv.conf when it renews the DHCP address.

-7. Mapping our IP addresses

A hosts file located at /etc/hosts, can also be used to perform domain name – IP address translation i.e. we can map our own IP address – domain name. It means that one can determine which IP address you browser goes to when you enter any domain particular domain rather that letting DNS server decide i.e. overriding DNS server’s powers. This can be used for hijacking a TCP connection on you local are network to direct traffic to a malicious web server using tools such as dnsspoof. One can add any IP address mapped to any domain.
NOTE: use TAB between the IP address and the domain name not the SPACEBAR.

Hope this article has given you some idea of about how we can collect some basic information about network and domain name.

Top comments (0)