HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 64 guests and 1 member online
EH-Net News Feeds
Latest Additions
 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow Malwarearrow Botnet lab exercises for graduate-level security class?
EH-Net
May 26, 2012, 12:54:09 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Botnet lab exercises for graduate-level security class?  (Read 4016 times)
0 Members and 1 Guest are viewing this topic.
tjmarkowitz
Newbie
*
Offline Offline

Posts: 3


View Profile
« on: September 28, 2010, 08:44:08 AM »
Folks,

I'm teaching an Introduction to Computer Security class and would love
to find what others have done in creating lab exercises for building and
managing a simple botnet in order to make it more "real" for my
students. Any pointers to references would be much appreciated.

Thanks in advance.

//ted
--------------------------------------------------------------------------
 T E D   M A R K O W I T Z
 Dept. of Electrical & Computer Engineering and Computer Science (ECECS)
 252 Buckman Hall
 Tagliatela School of Engineering
 University of New Haven
 West Haven, CT 06516

 WWW: http://www.unh-ececs.net
 e-mail: tmarkowitz@newhaven.edu
 office/fax: 1-203-655-2400
 mobile: 1-203-984-6565
--------------------------------------------------------------------------
Logged
former33t
Full Member
***
Offline Offline

Posts: 228


View Profile
« Reply #1 on: September 28, 2010, 09:08:58 PM »
First, I don't have any example code to throw your way, but I'd tread lightly on this.  I think there are some legal implications in giving your students bot software.

If you were keeping the whole thing in a lab, you might write some simple bot code that sends packets on command (simulated DDOS) in your university lab and provide students access to the controller to see how it works.  That way even if it gets out (and it will), your liability is pretty nill.
Logged
Certifications: CREA, MCSE: Security, CCNA, Security+, other junk
tjmarkowitz
Newbie
*
Offline Offline

Posts: 3


View Profile
« Reply #2 on: September 29, 2010, 09:06:32 AM »
Excellent points and I warn my students about such things all semester. On the other hand, I don't think there's a better way to learn to protect yourself than knowing exactly how attackers go about hurting you.

Actually I was planning on doing precisely as you suggest: off-line, well-insulated, using throw-away VM's as targets, etc. I'm just looking for some example code to use as a headstart vs. beginning completely from scratch.

Cheers,

//ted
Logged
Equix3n-
Sr. Member
****
Offline Offline

Posts: 379



View Profile
« Reply #3 on: September 29, 2010, 09:46:55 AM »
You might want to check some links I posted few months back http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,5541.0/
Logged
H0nd0CSI
Newbie
*
Offline Offline

Posts: 17


H0nd0


View Profile WWW
« Reply #4 on: September 30, 2010, 08:23:37 AM »
Hi Ted, Just to reinforce what was mentioned before but with the strongest point that you should MAKE students very aware of: 5 years + $250,000.

I suggest using a packet builder that will allow you to use a test script that will have them understand what takes place.

Example free builder: Engage Packet builder - Scriptable libnet-based packet builder

Student Charged with Using University Computer Network for Denial of Service Attacks and to Control Other Computers (via “BotNet” zombies)
Steven

http://www.cybercrime.gov/frostPlea.pdf

http://www.cybercrime.gov/smithPlea2.pdf

http://www.cybercrime.gov/anchetaSent.htm

http://www.cybercrime.gov/maxwellPlea.htm

Hope this helps as I teach many of the CEH classes
Logged
"If the only tool you have is a hammer, you tend to see every problem as a nail"
Abraham Maslow
H0nd0CSI
Newbie
*
Offline Offline

Posts: 17


H0nd0


View Profile WWW
« Reply #5 on: September 30, 2010, 08:47:59 AM »
FYI you can follow our tweets on:

www.sequrit.org

Another high level botnet case:

VANCOUVER--The take down of the Mariposa botnet is a cyber law enforcement success story - but gaps in international cyber law could make it difficult to prosecute those behind the botnet.

http://threatpost.com/en_us/blogs/gaps-international-cyber-law-could-hamper-mariposa-case-092910?utm_source=Threatpost&utm_medium=Tabs&utm_campaign=Today%27s+Most+Popular

A researcher involved in the analysis and dismantling of the Mariposa botnet said that gaps in cyber crime laws in the countries from which the botnet was operated may make it difficult to prosecute those accused of operating the scheme.
Logged
"If the only tool you have is a hammer, you tend to see every problem as a nail"
Abraham Maslow
H0nd0CSI
Newbie
*
Offline Offline

Posts: 17


H0nd0


View Profile WWW
« Reply #6 on: September 30, 2010, 08:52:27 AM »
Here is a great video link posted in one of the other posts:

Botnets using twitter

http://www.youtube.com/watch?v=r_F3VheC9ww

And Don posted this as well:

http://www.scmagazineus.com/tool-lets-twitter-be-used-to-control-botnet/article/170236/

Gee thanks Ted now I am going to be spending the day on Bot Nets  Cry
Logged
"If the only tool you have is a hammer, you tend to see every problem as a nail"
Abraham Maslow
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.061 seconds with 22 queries.
 

gk_static-ad_feb2012.jpg
Global Knowledge: Build Security Skills to Protect & Defend

els_130x200fixed2.gif
eLearnSecurity Student Course Now Live!
5% Off with Code
ELS-EH-5

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_Connect Including SANS Security West 2012 & SANSFIRE 2012
Recent Forum Topics

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!

Vote For EH-Net

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2012 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.