Hacking Exposed Cisco Networks: Cisco Security Secrets & Solutions
| | ||
| | ||
| | ||
Many of the attacks we describe involve setting up the cracker's machine as a rogue or masquerading router. This is an essential skill for anyone interested in attacking routing protocols that must be mastered in order to succeed. Several packages exist that allow your machine to participate in the routing protocol communication. We have selected Quagga ( http://www.quagga.net/ ) as a software routing suite optimal for the task for the following reasons:
-
Its syntax is similar to that of IOS; thus, someone familiar with Cisco routers will have little trouble working with Quagga.
-
It is an actively maintained and updated fork of the ceased Zebra project.
-
It supports all main nonproprietary routing protocols.
-
It is open source and free, so you can modify it to meet your endsfor example, to send corrupt routing updates.
-
Quagga is known to run on three different platforms: Linux, BSD, and Solaris.
Depending on your distribution of Linux, you may consider various options for installing this wonderful suite, as the maintainers provide binaries for Fedora, Debian, and Solaris as well as the ebuild for Gentoo. If you use any other packaging system, you would need to compile the package yourself from the source code. At the moment of writing, the latest stable release is 0.98.4, which you can download from the main site of the project in the download section. First, unpack the tarball by executing the following:
arhontus / # tar xvzf quagga-0.98.4.tar.gz arhontus / # cd quagga-0.98.4
Numerous options are available for fine-tuning the Quagga packages, but the default installation should be suitable for most users, so just continue and execute the following:
arhontus quagga-0.98.4 # ./configure && make && make install
By default, Quagga is built to run under user and group quagga , so make sure you create such a user and group.
| | ||
| | ||
| | ||