Getting your Network Connection Up And Running on Backtrack
Contents
By default, networking is disabled in Backtrack 4. The reason for this is that stealth is an important factor in penetration testing, so a system that starts sending out noisy DHCP requests after booting can be a bad thing.
Enabling networking
The easiest way to enable networking is to use the init script:
/etc/init.d/networking start
This will attempt to start the network interfaces in the file /etc/network/interfaces. Generally you don’t need to worry about the file’s contents; all relevant network interfaces will be enabled automatically and a DHCP lookup will start. If you are not using a wireless network card this is probably all you need to do. The rest of this page describes tools for a more manual approach.
Usually, your physical network card will be called eth0, and your wireless network card will be called wlan0.
ifconfig
Ifconfig is used to configure network interfaces. Without arguments, ifconfig shows the currently active interfaces:
$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:01:40:A4:b1:92
inet addr:120.89.168.243 Bcast:120.89.175.255 Mask:255.255.240.0
inet6 addr: 2001:610:1948:8000:211:50ff:fd34:b192/64 Scope:Global
inet6 addr: fe80::201:50ff:fd34:b192/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:797670625 errors:67914 dropped:1516154 overruns:1126 frame:It is also possible to take an interface down using the command below. Replace down with up to bring an interface online.
ifconfig eth0 down
iwconfig
The iwconfig command is similar to ifconfig, but it is intended specifically for configuring wireless interfaces. You can use it to check if you are connected to an access point.
Example output of iwconfig
To view the output for a single interface:
$ iwconfig eth1
eth1 IEEE 802.11g ESSID:"OSU_PUB"
Mode:Managed Frequency:2.427 GHz Access Point: 00:0D:9D:C6:38:2D
Bit Rate=48 Mb/s Tx-Power=20 dBm Sensitivity=8/0
Retry limit:7 RTS thr:off Fragment thr:off
Power Management:off
Link Quality=91/100 Signal level=-39 dBm Noise level=-87 dBm
Rx invalid nwid:0 Rx invalid crypt:860 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:39 Missed beacon:8To connect the wlan0 interface to an open network called “OpenNetwork”, use the command below. Note that the network ESSID is case sensitive.
iwconfig wlan0 essid "OpenNetwork"
Wireless Connection GUI
If you are using GNOME or KDE, you can use a GUI tool called wicd-client. This application allows you to search for and connect to wireless networks. It is installed by default on Backtrack.
The wicd-client GUI in KDE.
1) Start the wicd daemon.
/etc/init.d/wicd start
2) Start the wicd GUI (an icon pops up in your tray).
wicd-client
Connecting to Secured Networks
For connecting to networks secured through the commandline the wpa_supplicant program is available. First create a configuration file at /etc/wpa_supplicant.conf.
network={
ssid="myNetwork"
key_mgmt=WPA-EAP IEEE8021X
eap=TTLS
identity="johndoe"
anonymous_identity="johndoe"
password="mypass"
phase2="auth=PAP"
}Above is an example file. Use man wpa_supplicant.conf as a reference to create your own.
wpa_supplicant -B -c/etc/wpa_supplicant.conf -iwlan0
This will start the wpa_supplicant program in the background (-B), for the wlan0 interface, using the configuration file at /etc/wpa_supplicant.conf. If all goes well, you will be connected.
Getting an IP
After establishing a (wireless) connection, the system needs to request an IP from the DHCP server. Use the dhclient command:
dhclient wlan0
The output should look somewhat like below.
$ dhclient wlan0 Internet Systems Consortium DHCP Client V3.1.1 Copyright 2004-2008 Internet Systems Consortium. All rights reserved. For info, please visit http://www.isc.org/sw/dhcp/ Listening on LPF/wlan0/00:11:02:ad:bd:9c Sending on LPF/wlan0/00:11:02:ad:bd:9c Sending on Socket/fallback DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 6 DHCPOFFER of 120.99.230.210 from 120.99.224.4 DHCPREQUEST of 120.99.230.210 on wlan0 to 255.255.255.255 port 67 DHCPACK of 120.99.230.210 from 120.99.224.4 bound to 120.99.230.210 -- renewal in 3064 seconds.
Now you should have a fully functioning connection.
