Kali/Layer 3 Attacks
From charlesreid1
Network (Layer 3) Attacks
This page covers the use of Kali to carry out attacks on layer 3. Also see Kali/Workflow.
Review
Let's review the network stack before we launch into network layer attacks.
| Layer | Name | Function |
|---|---|---|
| 7 | Application | Topmost layer, provides users a means to access network resources (only level seen by end user) |
| 6 | Presentation | Transforms data received into a format that is readable by the application layer. Handles encryption/description for secure data |
| 5 | Session | Manages communication sessions between computers. Manages connections with other devices. Half-duplex or full duplex. |
| 4 | Transport | Provide reliable data transport services to lower layers. |
| 3 | Network | Routes data between physical networks. Handles addressing, via IP. Handles packet fragmentation and error detection. Router level. Most complex layer. |
| 2 | Data Link | Transports data across a network. Provides addressing scheme to identify physical devices, bridges, switches, MAC addresses. |
| 1 | Physical | The physical medium for the network communication signals. |
(Please Do Not Touch Steve's Pet Alligator)
(Phys Dat Net Trans Sesh Prezzy App)
Layer 3 is the Network layer. It handles IP addresses and translating between MAC addresses and IP addresses.
Scenario
Now, supposing you are on the same network as a sheep - what is your next step?
The next step is to join the network, and elevate the level of access you have to the sheep. Naturally, communications are much easier to monitor on a network layer (i.e., dealing with network packet traffic) than on a physical layer (i.e., dealing with raw packet captures or captured radio signals).
Now the question of intentions or goals comes up. You may have a couple of different goals in mind:
- Monitor traffic passively, record and extract information from unencrypted (non-https) streams
- Monitor traffic actively, force https connections to be http connections to make all traffic unencrypted
- Tamper with traffic, by injecting/removing/modifying information in the traffic stream
- Jamming communications, causing denials of service, or blocking specific traffic
Alternatively, you may be thinking of taking an invasive route. After all, the easiest way to monitor traffic without the victim ever knowing a thing is if you can monitor network traffic from their machine directly. At this point you're talking about breaking into the sheep's system to install monitoring software. This moves the attack to another layer.
Redirecting Traffic Through Yourself
If your intention is to monitor a sheep's traffic, you can use ARP Poisoning to reroute traffic at the network/router level so that you intercept all communications intended for the sheep. This allows you to tamper with all traffic, or just listen to everything. This is a low level of involvement, and involves modifying ARP lookup tables (which associate IP addresses to MAC addresses) so that computers send traffic intended for the sheep to your computer instead.
Sniffing Traffic for Passwords/Goodies
If you intend to sniff traffic, you can also use Dsniff.
Tampering with Traffic On The Fly
If you want to tamper with traffic, or view images passing through a traffic stream live, use... Ettercap?
Flags
 |
Attack Layers pages addressing attack vectors, tools, and methodologies for each layer of the network stack.
1 Physical Attacks: Kali/Layer 1 Attacks 2 Data/MAC Attacks: Kali/Layer 2 Attacks 3 Network Attacks: Kali/Layer 3 Attacks 4 Transport Attacks: Kali/Layer 4 Attacks 5 Session Attacks: Kali/Layer 5 Attacks 6 Presentation Attacks: Kali/Layer 6 Attacks 7 Application Attacks: Kali/Layer 7 Attacks
Template:MITMFlag · Template:DoSFlag · Template:MetasploitableFlag Category:Attacks · Category:Kali Attack Layers Flags · Template:KaliAttackLayersFlag · e |