Class 3 Lab 1 ‐ ARP Poisoning - Justin-Boyd/Ethical-Hacking-Class GitHub Wiki
Task 1: Find the Default Gateway
Step 1
- Turn on the pfSense machine.
Step 2
- Make sure pfSense, Kali, and Windows virtual machines are set to the same internal network.
Step 3
- The WAN address should be similar to your home router's default gateway, and the LAN address should be 192.168.1.1. If it is not, please refer to the pfSense network configuration SIP.
Step 4
- Make sure the Kali and Windows machines received the proper IP addresses from the pfSense LAN DHCP server.
Step 5
- Verify connectivity between the virtual machines.
Step 6
- In the Kali machine, identify the default gateway and the MAC addresses of the machines. Write down the MAC addresses for later use.
- Note: This is performed to simulate the attacker’s perspective.
Task 2: Examine the ARP Table
Step 1
- Display the ARP table on the Windows 7 machine and note that all the MAC addresses are different and correspond to the previous scan.
arp -a
Task 3: Poison the ARP Table
Step 1
- In the Kali VM, initiate an ARP spoofing attack against the Windows machine, impersonating the default gateway.
arpspoof -i eth0 -t [Windows machine IP] [Default Gateway IP]
Step 2
- In the Windows ARP table, note the change of MAC addresses: the default gateway's entry now shows the Kali machine's MAC address.
arp -a