Project L3: Router Advertisements with scapy (20 pts.)
What you need
- A Linux machine, real or virtual, with scapy installed. I used a BackTrack 4 R2 virtual machine.
- A Windows 7 machine. It does not need to have the googo6 client.
- The machines need to be on the same LAN. It does not need to be isolated from other machines--this
project is not dangerous, as far as I know.
Finding your Linux Machine's MAC Address
On the Linux machine, in a Terminal window, execute this command:
ifconfig
Find the HWaddr value, which is highlighted in the figure
below on this page. Record this value--you will need it later.
Installing scapy
If you are using BackTrack 4 R2, scapy is already installed.
If you are using Ubuntu, use this command to install it:
sudo apt-get install python-scapy
Starting scapy
On the Linux machine, use this command to start scapy:
sudo scapy
Sending a Router Advertisement with scapy
Creating an IPv6 Object
In the Linux machine, in the Terminal window, at the >>> prompt,
execute these commands to create an IPv6
packet and examine it:
a = IPv6()
a.dst = "ff02::1"
a.display()
Your IPv6 object should now have both the src and dst fields filled in,
as shown below on this page:
Creating an ICMPv6 Router Advertisement Object
In the Linux machine, in the Terminal window, at the >>> prompt,
execute these commands:
b = ICMPv6ND_RA()
b.display()
Your ICMPv6 Router Advertisement object should have a type of Router Advertisement,
as shown below on this page:
Specifying the Source Link-Layer Address
In the Linux machine, in the Terminal window, at the >>> prompt,
execute these commands. In the second command below, replace the
value shown with the HWaddr value you found with the ifconfig
command at the start of this project:
c = ICMPv6NDOptSrcLLAddr()
c.lladdr = "00:50:56:24:3b:c0"
c.display()
The lladdr value should match your HWaddr,
as shown below on this page:
Specifying the Maximum Transfer Unit
In the Linux machine, in the Terminal window, at the >>> prompt,
execute these commands:
d = ICMPv6NDOptMTU()
d.display()
The mtu value should be 1280,
as shown below on this page:
Specifying the Advertised Prefix
In the Linux machine, in the Terminal window, at the >>> prompt,
execute these commands:
e = ICMPv6NDOptPrefixInfo()
e.prefixlen = 64
e.prefix = "cc5f::"
e.display()
The prefixlen and prefix values should be correct,
as shown below on this page:
Starting Wireshark
In the Linux machine, open a new Terminal window.
In the new Terminal window, execute this command:
wireshark
In the Wireshark window, click Capture, Interfaces.
In the eth0 line, click the Start button.
(If you are using Ubuntu, it may be the eth1 line instead.)
Sending a Router Advertisement Packet
In the Linux machine, in the Terminal window, at the >>> prompt,
execute this command:
send(a/b/c/d/e)
You should see a message saying "Sent 1 packets".
The Wireshark window should show the Router Advertisement packet.
Click it in the upper pane to select it, and expand the middle pane so
the Prefix: cc5f:: information is visible,
as shown below on this page:
Saving the Screen Image
Make sure you can see Prefix: cc5f:: in the Wireshark window.
Save a screen image with the filename Proj L3a from Your Name.
Viewing the Autoconfigured Address on the Windows Machine
On the Windows 7 machine, in a Command Prompt, execute the IPCONFIG command.
You should see an automatically configured IPv6 address starting with the
cc5f:: prefix, as shown below on this page:
Saving the Screen Image
Make sure you can see IPv6 address starting with the
cc5f:: prefix on the Windows machine.
Save a screen image with the filename Proj L3b from Your Name.
Turning in Your Project
Email the images to cnit.60@gmail.com with a Subject line of
Proj L3 from Your Name.
Source
http://www.packetlevel.ch/html/scapy/scapyipv6.html
Last modified: 6-18-11, 9 am