Hey guys, not exactly a thread to do with the exploitation of networks, however it has to do with security of a more personal and 'blue team' kind of nature.
What i am trying to achieve is have two network interfaces, say eth0 and eth1, eth0 connects to the DHCP server my router provides but i want to eth1 to connect to a DHCP server i set up locally.
DHCP servers are interesting from an OPSEC perspective. A lot of implementations allow the user to configure more than simple IP leases.
My custom DHCP server would refer to a PAC/WPAD server that will provide a PAC script, a PAC script is a script for automating proxy management.
A typical PAC script might look like this. If you are familiar with JavaScript you might recognize the syntax.
Now say i would want the PAC script to govern which web resources get connected to via a proxy i would add an entry in my DHCP config file that refers to the server i set up to provide the PAC script. These entries might look like this.
So far so good, i know how to configure a DHCP server. However i am unsure as to how to set up an interface that uses the DHCP server i set up locally. I've been reading man pages and online resources since getting better at networking is really something i am quite keen on anyway. However the answer still eludes me.
I am not a networking expert so i apologize in advance if the answer might seem obvious to you, but i would appreciate any help, insight or tips you may be able to provide with regards to this.
Thanks guys.
What i am trying to achieve is have two network interfaces, say eth0 and eth1, eth0 connects to the DHCP server my router provides but i want to eth1 to connect to a DHCP server i set up locally.
DHCP servers are interesting from an OPSEC perspective. A lot of implementations allow the user to configure more than simple IP leases.
My custom DHCP server would refer to a PAC/WPAD server that will provide a PAC script, a PAC script is a script for automating proxy management.
A typical PAC script might look like this. If you are familiar with JavaScript you might recognize the syntax.
Code:
function FindProxyForURL(url, host) {
// If the hostname matches, send direct.
if (dnsDomainIs(host, "intranet.domain.com") ||
shExpMatch(host, "(*.abcdomain.com|abcdomain.com)"))
return "DIRECT";
// If the protocol or URL matches, send direct.
if (url.substring(0, 4)=="ftp:" ||
shExpMatch(url, "http://abcdomain.com/folder/*"))
return "DIRECT";
// If the requested website is hosted within the internal network, send direct.
if (isPlainHostName(host) ||
shExpMatch(host, "*.local") ||
isInNet(dnsResolve(host), "10.0.0.0", "255.0.0.0") ||
isInNet(dnsResolve(host), "172.16.0.0", "255.240.0.0") ||
isInNet(dnsResolve(host), "192.168.0.0", "255.255.0.0") ||
isInNet(dnsResolve(host), "127.0.0.0", "255.255.255.0"))
return "DIRECT";
// If the IP address of the local machine is within a defined
// subnet, send to a specific proxy.
if (isInNet(myIpAddress(), "10.10.5.0", "255.255.255.0"))
return "PROXY 1.2.3.4:8080";
// DEFAULT RULE: All other traffic, use below proxies, in fail-over order.
return "PROXY 4.5.6.7:8080; PROXY 7.8.9.10:8080";
Now say i would want the PAC script to govern which web resources get connected to via a proxy i would add an entry in my DHCP config file that refers to the server i set up to provide the PAC script. These entries might look like this.
Code:
option local-pac-server code 252 = text;
option local-pac-server “http://wpad.example.com:80/wpad.dat”;
So far so good, i know how to configure a DHCP server. However i am unsure as to how to set up an interface that uses the DHCP server i set up locally. I've been reading man pages and online resources since getting better at networking is really something i am quite keen on anyway. However the answer still eludes me.
I am not a networking expert so i apologize in advance if the answer might seem obvious to you, but i would appreciate any help, insight or tips you may be able to provide with regards to this.
Thanks guys.