Kursus Percuma Metasploit reverse shell analysis

[Kursus Percuma Metasploit reverse shell analysis]

https://www.facebook.com/events/1647969528817113/

[kursus percuma covert channell]

kpd yg berminat network forensic covert channell anaysis

https://www.facebook.com/events/731738096956837/

[kursus percuma covert channell]

kpd yg berminat network forensic covert channell anaysis

https://www.facebook.com/events/731738096956837/

[cisco ebook]

http://serv.yanchick.org/Books/Cisco Collection CCNA, CCNP, CCIP, CCIE, CCDP, CCDA/

[Jawatan Kosong Guru Al-Quran (Rm2800) Malaysia/singapura/brunei]

gambar ikon pelakun ni dah murtad..tukarkan lah...

[Workshop asas suricata IPS]

Tq bro Umarzuki ...

minggu ni ade 1 lagi ....register just pm inbox saya..

 

 

 

[Workshop asas suricata IPS]

Kursus Asas Network Intrusion Prevention System http://suricata-ids.org akan diadakan 26/07/2015 bertempat di seri kembangan kpd sesiapa yg berminat utk mendapat pengalaman mengunakan suricata buat pertama kali sila pm inbox saya utk sbrg pertanyaan/pendaftaran..TQ

 

[Kelas Tunnelling/reverse Shell]

 

 

 

berminat sila pm arora_rafjani Facebook-id

pls like/comment...

 

kelas Evasion Analysis with wireshark& snort..

https://www.facebook.com/pages/ProtocolSniffer/750764394981515

 

 

 

[Network Monitoring]

with lua scripting rule..

http://www.haka-security.org/hakabana.html

[Download Defcon 2014 December]

sila layari utk info lanjut ..download mane yg berkenan

https://media.defcon.org/DEF%20CON%2022/DEF%20CON%2022%20video%20and%20slides/

[Workshop Snort/haproxy]

Salam utk bulan 2 ni saya openkan 3 kelas worshop utk beginner spt 1. Workshop haproxy-snort utk prtotection hack at http layer attack 2. Workshop Setup Thin Cleint dan Content filtering 3. Linux system admin plus setup apache/dns/ftp/nfs/samba/dhcp maklumat lanjut sila ke http://protocolunique.com tq

[Kursus Wireshark/snort/modsecurity]

Salam
Syarikat kami ade menyediakan kursus asas
Wireshark/snort [b]1-2/12/2012[/b]
Modsecurity Web Application Firewall(WAF) [color=#CC6600][color=#006600][color=#000099][b]8-9/12/2012[/b][/color][/color][/color]



Hands-On lab:
Installation/configuration/tuning
Analysis/Synthesis Network Forensic Technique
Learning Packet Injection Method with Tools
Common Application Protocol Analysis arp/rarp,dhcp,ip,tcp,udp,icmp
Common Application Protocol Analysis HTTP,FTP,Telnet,ssh,smtp,pop,dns
Analysis Basic Intrusion Network Threat p2p,network worm,dos/ddos

Utk sebarang pertanyaan/maklumbalas sila ke [url="http://protocolunique.com"]protocolunique.com[/url]

[Wireless Network Design]

Jgn lupa content filtering ..firewall juga

[Modsecurity Block Web Vulnerability Scanner]

salam
Basic protocol anomaly utk detect Heade Web Scanner Http anomaly http://protocolunique.com/waf.html

[Block Ultrasurf Dan Https://vtunnel.com]

Ultrasurf dan vtunnel ialah program proxy yg digunakan utk bypass proxy. disini sy sertakan link cara simple nak blok ultrasurf dan https://vtunnel.com mengunakan apks advanced portknocking
http://protocolunique.com/artikel8.html harap berkongsi pandangan/ilmu.

[sumber2/laman web berkaitan IT]

Salam bagi sesiapa yg berminat mendalami dan menguuasai tcp-ip dgn mengunakan linux tools sila ke http://protocolunique.com

[Linux : Tips And Tutorial]

Di sini ade beberapa artikel ttg security tools ..harap dpt membantu.tq http://protocolunique.com

[Cadangan: Perjumpaan/meetups Oss Putera.com]

bagus tu..dptkenal2 tukar2 knowledge..bila nak set..insyallah sy datang

[Best Ka Fedora?]

http://networksecuritytoolkit.org ni guna fedora 11 gak..ok juga byk tool security nak compile just yum install gcc-c++ or yum install kernel-source
http://www.clearfoundation.com/Software/overview.html ni pun ok ringan juga tapi guna centos 5.1 ..good for firewall/ips/spamfilter

[Class Tcp-Ip Sniffer Tool]

Course 1
Course Introduction

The TCP/IP protocol suite is the foundation of the Internet. TCP/IP is robust, scalable and offers a choice of reliable transport or simplistic, unreliable transport. All these attributes lead to a protocol suite that is complex and highly sophisticated. That is where network sniffing plays a useful role. Network sniffing refers to the listening and capturing of all or selected packets of network traffic, traveling over a network, and thus, provide a basis for analysis or investigation needed in trouble-shooting the network.

You will learn
-Fundamental of TCP/IP
-basic skill to effectively set up TCP/IP networks
-How to understand and construct secure,robust local area network
-How to diagnose and fix problems with TCP/IP utulities
-How to plan and design improved networks
-How to troubleshoot TCP/IP Networks
-How to use Protocol Analyser to diagnose real TCP/IP problems
Course Pre-requisites

To gain the most from this course, participants should know a little on TCP/IP networking and Ethernet technology. Important aspects of TCP/IP and Ethernet relevant to sniffing will be reviewed briefly. Some exposure to UNIX will be useful but not essential.

Course Duration

This course will run for 2 consecutive days. The first day will provide a brush up skills on network as well as explain the purpose and usage of network sniffers. The second day will provide an in dept training on how a sniffer could be used to help diagnose and trouble shoot problem on the network.

Course Outline

Day 1

Quick Overview

Review of TCP/IP
Review of TCP/IP Headers
Review of Netmask Calculation
Review of Ethernet Networking

Network Sniffing Principles

What is Promiscuous Mode?
Switching in an Ethernet Hub environment
Switching in a switched environment
Simple Sniffing Exercise

Using the TCPdump/Wireshark/tshark network Sniffer

Introduction to TCPdump/Tcpick/Tcptrack/p0f/ettercap/brian
How to capture ARP/RARP Traffic with TCPdump/Tcpick/Tcptrack/Arpon
How to capture ICMP Traffic with TCPdump/Tcpick/Tcptrack/p0f/ettercap/brian
How to capture UDP Traffic with TCPdump/Tcpick/Tcptrack/p0f/ettercap/brian
How to capture TCP Traffic with TCPdump/Tcpick/Tcptrack/p0f/ettercap/brian
Complex Filtering Rules
Extensive Practices

Using the Wireshark/tshark network Sniffer for baseline Analyse
Domain Name System(DNS)
Address Resolution Protocol(ARP) traffic
Internet Protocol Ver 4(IPV4)
Internet Control Message traffic(ICMP)
User Datagram Protocol(UDP) traffic
Transmission Control Protocol(TCP) traffic
Dynamic Host Configuration Protocol(DHCP) traffic
Hypertext Transfer Protocol(HTTP) traffic
-Understanding Packet Structure
-Filter on each layer
-Analyze Normal/Unusual Traffic/abnormal


Day 2- Advance Network Troubleshooting with packet sniffer

Troubleshooting TCP/IP Network

Using Sniffers to Debug the Network
Examples of how to trouble shoot a network problem (ARP, DHCP, TCP,ICMP etc)

Unique Troubleshooting with Sniffers

Principles/Methodology
Port scanners
-nmap/unicornscan/sinfp/arp-scan
Os fingerprinting
-p0f/disco/unicornscan/sinfp
honeynet/honeypot
-labrea/honeyd/netwox
Packet Generator
-arp-sk/netwox/tcpreplay/bitwistb
PortKnocking
-aldaba-suite/honeyd/knockd
Examples
Denial of service(DOS)
-layer 2 attack and countermeasure
-layer 4 attack and countermeasure

Simple Sniffing and Intrusion Detection System

Sniffing and Intrusion Detection
Sniffing and Computer Forensics


Open Discussion Section

Participants are encouraged to bring their
Problems and questions for discussion

About the Practical Sessions

All the practice session will be conducted in Windows and Linux based machines using the TCPdump and Wireshark packet sniffer.

The practical sessions will include the following:

1. Sniffing all traffic to a host.
2. Sniffing selected traffic to a host based on protocol and ports.
3. Sniffing all traffic to a subnet.
4. Sniffing group of traffic
4. Sniffing selected traffic to a subnet based on protocol and ports.
5. Complex sniffing filters involving different protocols and many ports.
6. Analyzing network traffic in depth with Wireshark
7. TCP exchange following.
8. Large capture files manipulation for analysis.
9. Network troubleshooting with sniffers.

Livecd:pentoo-nsttoolkit
Slackware Linux
virtual box(virtual machine)
window xp/2003/vista tools

sila berhubung dgn saya
[email protected]

[mintak tolong otai putera (cara jgn bagi orang pakai router )]

kawalan if saya guna teknik netwok packet injection ia tak lah susah sgt mcm spt
http://putera.forumotion.com/sistem-rangkaian-f28/macam-mana-nak-control-network-printer-t6432.htm?sid=f24080abfe6e862d088f0a6999dff68e

hanya perlukan satu pc terpakai tak payah power sgt ram256 celeron pun ok...gunakan slackware ni..http://hardenedlinux.sourceforge.net/ insyallah blacklist dan whitelist anda yg setkan..cth lain
http://forum.kolejshahputra.edu.my/viewtopic.php?f=14&t=3391

if anda perlukan bantuan sila email saya je

[Macam mana nak control network printer ?]

sy akan gunakan pendekatan packet injection iaitu layer 2 utk locking to printer tu
caranye simple:

(hanya pc 10.4.3.200 ----->printer 10.4.3.1)

1 subnet ade 100 ip ...setkan 1 pc je ug boleh access ke printer
define ip whitelist=10.4.3.200 mac=1:1:1:1:1:a
define ip blacklist=10.4.3.XX mac=1:x:x:x:x:x katakan 99 ip
printer ip =10.4.3.1 mac=a:a:a:a:a:a
saya gunakan arp-sk http://sid.rstack.org/arp-sk/

satu pc linux utk kawal injectkan cmd spt berikut:

###
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.2 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.3 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
#
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.4 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.5 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.6 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.7 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.8 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.9 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.10 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.11 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.12 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.13 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.14 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.15 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.16 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.17 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.18 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.19 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.20 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.21 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.22 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.23 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.24 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.25 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.26 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.27 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.28 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.29 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.30 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.31 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.32 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.33 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.34 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.35 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.36 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.37 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.38 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.39 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.40 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.41 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.42 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.43 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.44 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.45 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.46 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.47 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.48 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.49 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.50 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.51 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.52 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
##
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.53 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.54 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.55 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.56 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.57 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.58 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.59 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.60 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.61 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.62 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.63 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.64 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.65 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.66 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.67 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.68 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.69 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.70 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.71 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.72 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.73 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.74 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.75 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.76 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.77:00:1d:0f:c2:0e:b1 -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.78 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.79 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.80 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.81 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.82 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.83 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.84 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.85 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.86 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.87 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.88 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.89 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.90 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.91 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.92 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.93 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.94 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.95 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.96 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.97 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.98 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.99 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.100 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.101 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.102 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.103 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.104 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.105 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.106 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.107 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.108 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.109 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.110 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.111 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.112 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.113 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.114 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.115 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.116 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.117 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.118 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.119 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.120 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.121 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.122 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.123 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.124 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.125 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.126 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.127 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.128 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.129 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.130 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.131 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.132 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.133 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
##
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.134 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.135 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.136 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.137 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.138 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.139 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.140 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.141 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.142 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.143 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.144 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.145 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.146 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.147 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.148 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.149 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.150 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.151 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.152 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.153 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.154 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.155 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.156 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.157 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.158 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.159 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.160 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.161 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.162 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.163 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.164 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.165 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.166 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.167 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.168 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.169 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.170 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.171 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.172 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.173 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.174 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.175 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.176 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.177 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.178 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.179 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.180 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.181 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.182 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.183 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.184 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.185 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.186 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.187 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.188 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.189 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.190 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.191 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.192 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.193 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.194 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.195 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.196 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.197 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.198 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.199 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.200:1:1:1:1:1:a -d 10.4.3.1 -c 99999999 -T 10 & #------>ni whitelist
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.201 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.201 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.202 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.203 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.204 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.205 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.206 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.207 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.208 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.209 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
##
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.210 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.211 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.212 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.213 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.214 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.215 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.216 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.217 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.218 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.219 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.220 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.221 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.222 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.223 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.224 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.225 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.226 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.227 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.228 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.229 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.230 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.231 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.232 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.233 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.234 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.235 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.236 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.237 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.238 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.239 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.240 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.241 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.242 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.243 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.244 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.245 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.246 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.247 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.248 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.249 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.250 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.251 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.252 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.253 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
/usr/local/sbin/arp-sk -r -i eth3 -S 10.4.3.254 --rand-arp-hwa-src -d 10.4.3.1 -c 99999999 -T 10 &
saya terangkan sikit -S adalah source ip(spoof) dan --rand-arp-hwa-src adalah spoof mac address berubah2 setiap 10 saat injection tersebut jadi arp cache bg printer akan di spoof/poison bila shj ade penguna blacklist cuba link tu printer...

so selesai sudah layer 2 injection kita ctrl mac-ip then focuskan pd pc 10.4.3.200 --->hardenkan sistem 10.4.3.200 spt saranan saudara2 disini juga ...jadi tak perlu nak pantau sgt sapa yg guna kita force hanya ip-mac address 10.4.3.200.

[Arpon utk protection dr Arp spoof reply attack]

arp adalah salah satu protocol dlm layer 2
ade beberapa jenis iaitu static/dynamic arp,gratious arp dan proxy arp
Ujian ni melibatkan 2 pc dan satu router dicompile dalam
http://hardenedlinux.sourceforge.net/ os based on slackware
2 tools ..arpon http://arpon.sourceforge.net/ utk pen test guna arp-sk http://sid.rstack.org/arp-sk/
pastikan beberapa libdnet ..libnet...libpcap diinstall terlebih dahulu.

Utk compile arpon-gunakan cmd ni #gcc -g -lpthread -Wall -Werror -lpcap -ldnet -lnet -L/usr/local/lib -I/usr/local/include -DLINUX -o arpon arpon.c /usr/local/lib/libpcap.a /usr/lib/libnet.a /usr/local/lib/libdnet.a


Router(192.168.1.1) <------->pc (arpon)192.168.1.10<----------->pc(arp-sk)-192.168.1.33

192.168.1.1-11:11:22:aa:bb:cc
192.168.1.10-11:11:11:11:11:11

Teknik arp spoof or arp reply attack akan dilaksanakan oleh attacker/pentest utk spoofkan fillup arpcache sama ke router or ke pc(arpon) cth cmd spt
1. pc(arp-sk)#arp-sk -i eth0 -r -S 192.168.1.10:AA:CC:DD:EE:11:12 -d 192.168.1.1 -c 100 -T 2 atau
2.pc(arp-sk)#arp-sk -i eth0 -r -S 192.168.1.10 --rand-arp-hwa-src -d 192.168.1.1 -c 100 -T 2

or
1.pc(arp-sk)#arp-sk -i eth0 -r -S 192.168.1.1:1A:BB:CC:DD:EE:AA -d 192.168.1.10 -c 100 -T 2
2.pc(arp-sk)#arp-sk -i eth0 -r -S 192.168.1.1 --rand-arp-hwa-src -d 192.168.1.10 -c 100 -T 2

Ade perbezaan cmd diatas satu gunakan static arp reply dan random arp hwa src address manakala -c ialah beberapa kali packet arp dihantar manakala -T ialah every 2 second.

Result if tak de protection pc-192.168.1.10 tdk berkomunikasi dgn router.Salah satu cara yg biasa kita lakukan ialah bg kes window mmg vulnerable utk linux just runkan ifconfig eth0 -arp dan masukan static arp static gunakan cmd arp -s 192.168.1.1 11:11:22:aa:bb:cc. Tapi dgn adenye arpon tdk perlu lagi hanya perlu runkan 2 cmd ni iaitu
arpon -i eth0 -s& dan arpon -i eth0 -y& tetapi masih belum cukup lagi sebab protection hanya utk pc 192.168.1.10 so kena gabungkan dgn arp-sk utk fillup ke router semula dgn cmd #pc(arp-sk)#arp-sk -i eth0 -r -S 192.168.1.10:11:11:11:11:11:11 -d 192.168.1.1 -c 100 -T 2

[Macamana nak buat network monitoring]

nak mudah gunakan live redwall-firewall
sudah ade squid + dansguardian ..ntop pun ade...
endian firewall pun mudah install ade web filtering /snort ids

utk bagus tambahkan honeynet ...utk mudahkan anda gunakan
http://www.networksecuritytoolkit.org/nst/index.html dah ade multitap tapping
ade iptables...snort..p0f(os fingerprinting)..honeyd dan netwox gabungan netwox 73 boleh create virtual ip-mac address yg berbeza disamping peranan honeyd sbg pembuka open port or proxy ke high interaction honeynet..

[tolong bagi cadangan nak buat pojek network..yang simple tapi menarik.]

cadangan projek dynamic honeynet system
objective:
to detect/mitigate worm/portscan attack
to falsefy os fingerprinting attack
to confuse hacker/attacker
to locking system ethernet layer

Tools:honeyd + netwox + arpon + arp-sk + ossec
deployment:
1.dlm Lan/vlan.
2.dlm dmz
3.dlm external public ip

honeyd mempunyai satu mechanism terdiri dr dynamic template(3 jenis detect)
1.Source ip
2.Time based
3.Os fingerprinting (based on p0f)

static template boleh open/closed/reset port tcp-udp-icmp---->proxy to other Sistem komputer