Botnet lab exercises for graduate-level security class?

Viewing 6 reply threads
  • Author
    Posts
    • #5627
      tjmarkowitz
      Participant

      Folks,

      I’m teaching an Introduction to Computer Security class and would love
      to find what others have done in creating lab exercises for building and
      managing a simple botnet in order to make it more “real” for my
      students. Any pointers to references would be much appreciated.

      Thanks in advance.

      //ted


      T E D  M A R K O W I T Z
      Dept. of Electrical & Computer Engineering and Computer Science (ECECS)
      252 Buckman Hall
      Tagliatela School of Engineering
      University of New Haven
      West Haven, CT 06516

      WWW: http://www.unh-ececs.net
      e-mail: tmarkowitz@newhaven.edu
      office/fax: 1-203-655-2400
      mobile: 1-203-984-6565


    • #35456
      former33t
      Participant

      First, I don’t have any example code to throw your way, but I’d tread lightly on this.  I think there are some legal implications in giving your students bot software.

      If you were keeping the whole thing in a lab, you might write some simple bot code that sends packets on command (simulated DDOS) in your university lab and provide students access to the controller to see how it works.  That way even if it gets out (and it will), your liability is pretty nill.

    • #35457
      tjmarkowitz
      Participant

      Excellent points and I warn my students about such things all semester. On the other hand, I don’t think there’s a better way to learn to protect yourself than knowing exactly how attackers go about hurting you.

      Actually I was planning on doing precisely as you suggest: off-line, well-insulated, using throw-away VM’s as targets, etc. I’m just looking for some example code to use as a headstart vs. beginning completely from scratch.

      Cheers,

      //ted

    • #35458
      Xen
      Participant

      You might want to check some links I posted few months back http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,5541.0/

    • #35459
      wmburke
      Participant

      Hi Ted, Just to reinforce what was mentioned before but with the strongest point that you should MAKE students very aware of: 5 years + $250,000.

      I suggest using a packet builder that will allow you to use a test script that will have them understand what takes place.

      Example free builder: Engage Packet builder – Scriptable libnet-based packet builder

      Student Charged with Using University Computer Network for Denial of Service Attacks and to Control Other Computers (via “BotNet” zombies)
      Steven

      http://www.cybercrime.gov/frostPlea.pdf

      http://www.cybercrime.gov/smithPlea2.pdf

      http://www.cybercrime.gov/anchetaSent.htm

      http://www.cybercrime.gov/maxwellPlea.htm

      Hope this helps as I teach many of the CEH classes

    • #35460
      wmburke
      Participant

      FYI you can follow our tweets on:

      http://www.sequrit.org

      Another high level botnet case:

      VANCOUVER–The take down of the Mariposa botnet is a cyber law enforcement success story – but gaps in international cyber law could make it difficult to prosecute those behind the botnet.

      http://threatpost.com/en_us/blogs/gaps-international-cyber-law-could-hamper-mariposa-case-092910?utm_source=Threatpost&utm_medium=Tabs&utm_campaign=Today%27s+Most+Popular

      A researcher involved in the analysis and dismantling of the Mariposa botnet said that gaps in cyber crime laws in the countries from which the botnet was operated may make it difficult to prosecute those accused of operating the scheme.

    • #35461
      wmburke
      Participant

      Here is a great video link posted in one of the other posts:

      Botnets using twitter

      http://www.youtube.com/watch?v=r_F3VheC9ww

      And Don posted this as well:

      http://www.scmagazineus.com/tool-lets-twitter-be-used-to-control-botnet/article/170236/

      Gee thanks Ted now I am going to be spending the day on Bot Nets  :'(

Viewing 6 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?