You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The Moving Target Defense (MTD) technique we're working towards is IP shuffling, aimed at complicating lateral movement reconnaissance. This strategy involves dynamically changing the IP addresses of systems on a network. In our model, we have a private subnet containing three virtual machines that perform IP address rotation, periodically or erratically shifting across 254 different IP addresses.
Our diagram illustrates a scenario where one of these machines, denoted as Computer 2, has been compromised. By continuously changing IP addresses in an unpredictable manner, IP shuffling impedes attackers' reconnaissance efforts, making it difficult for them to identify and exploit vulnerabilities. The diagram delineates the intricate architecture of our network infrastructure, illustrating the hierarchical arrangement of networks, subnets, and their corresponding topological relationships. Within this schematic representation, the compromised computer is depicted, providing a visual reference to its position within the broader network.
In the rapidly evolving field of cybersecurity, attackers constantly refine their reconnaissance and lateral movement techniques to compromise networked systems. Moving Target Defense (MTD) strategies have emerged as a proactive solution to complicate and thwart such attacks by introducing uncertainty and unpredictability into network operations.
One such MTD technique is known as IP shuffling, which involves dynamically changing the IP addresses of systems within a network to impede reconnaissance. This paper introduces the \texttt{ip-shuffle} script, a Bash-based tool that dynamically assigns random IP addresses to a computer’s network interface within a specified range, verifies its availability, and ensures proper configuration. By unpredictably rotating IP addresses within a subnet, the \texttt{ip-shuffle} script disrupts attackers’ ability to establish a static view of the network, making reconnaissance challenging. The script achieves efficient and reliable IP address assignment through distinct functions for IP address generation, availability verification, network configuration validation, and gateway reachability testing. The \texttt{ip-shuffle} script incorporates comprehensive error handling and compatibility with Linux and BSD systems to provide a basic solution for scenarios requiring dynamic IP address allocation.
