De-Ice lvl 1 program issue

This topic contains 8 replies, has 4 voices, and was last updated by  m0wgli 4 years, 10 months ago.

  • Author
    Posts
  • #8741
     The New LT72884 
    Participant

    Not sure how or why this is happening but im bedazzled with the issue.

    Does de-ice not allow nmap scans behind a router?

    Here is my simple set up.

    BT5(192.168.2.2)


    (fa0/0 192.168.2.1)ROUTER(fa0/1 192.168.1.1)


    DE-ICE(192.168.1.100)

    No firewall rules or packet filtering. If i turn off de-ice and use ubuntu, pings and nmap work fine, but with de-ice nothing. Nmap should work just fine since there is no packet filtering, just routing, and all packets going to the de-ice machine would be from a device in the same network(the routers fa0/1 int).

    Thanks

  • #53931
     Grendel 
    Participant

    As the author of the challenge, I can tell you that part of the challenge revolves around network scanning – I’m giving up some of the challenge for you by saying this, but ICMP is turned off on the image so your ping definitely won’t work.

  • #53932
     The New LT72884 
    Participant

    Haha, true, icmp doesnt work, but the main issue is that nmap is not working either. I have completed the challange before but in a switched network. Howevr, has deice been tested in a routing environmentk? Because no matter what i do, nmap will not work across a single router. No firewall rules are turned on. But i can nmap an ubuntu machine across the router. So the issue still stands that nmap wont scan deice across a router but it will scan every other system.

    Thanks

    Matt

  • #53933
     The New LT72884 
    Participant

    Ok, so i did some further testing. I have deice hacker demia running with ip 192.168.1.123 and backtrack with ip 192.168.2.3 and nmap works just fine. However, it errors out almost instantly with deice lvl1. Odd. All that is inbetween is a cisco router with no acls.

    Thanks

  • #53934
     Grendel 
    Participant

    Try connecting to it via http://192.168.1.100

  • #53935
     The New LT72884 
    Participant

    Ok so after testing, i can not connect to the webpage from behind the cisco 7200 router. No acls no rules, just a directly connected route. If i have another server turned on with in the same lan as deice, i can connect to it behind the router. Just not deice haha. Strange.

    Thanks.

  • #53936
     The New LT72884 
    Participant

    I have now further tested the environment by switching out the 2610 router with a 7200 series router. Same issue. i have tested behind multiple routing platforms with same issue. i can not scan using nmap or connect to the web page when behind a router. No rules are in place. Just static routes. All communication between other hosts work fine including nmap and webserver.

    Its almost like it drops packets because it knows its behind a router and not a switch hahaha. its just toying with me at this point haha

  • #53937
     SephStorm 
    Participant

    The IP is statically assigned to the disk, the de ice cd needs to be on the network segment 192.168.1.x-254

  • #53938
     m0wgli 
    Participant

    I was doing some other testing with GNS3 today and remembered this post. I created the same config using a 7200 series router, and also had the same problems initially.

    I added the following routes to the VM’s to get it working:

    For Kali:

    route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.2.1 dev eth0

    For De-Ice 1.100:

    route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.1 dev eth0

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?