Upload
tram-tran
View
18
Download
0
Embed Size (px)
Citation preview
INTERNATIONAL UNIVERSITYSchool of Computer Science and Engineering
LAB4a: Botnet
Course: Network Security Lecturer: Pham Van Hau,PhDDate: Duration: 135 minutes
Student ID............................................ Student name……………………………
This lab aims at providing you and hand on experience on botnet. The main objective is to understand its concept. It is not our purpose to study in detail various commands of complex botnet implementations such as Agobot, SDbot. For our purpose, we use https://github.com/coleifer/irc
Hereafter are the instructions to run the botnet1) Download the source from https://github.com/coleifer/irc (or copy it from me) and copy it to the
two virtual machines2) On each virtual machine, run the following commands as root
apt-get install python-dev libpq-dev libevent-dev python-pippip install gevent pip install httplib2pip install irckit
3) Unzip the downloaded file a. tar -xzvf coleifer-irc-b85b218.tar.gzb. cd coleifer-irc-b85b218
4) Read the README.rst to know it works and start the botnet. Hereafter is a its short summary
a. Start the server:Turn on wiresharkpython botnet/bossy.py –c secretbotz_tobe_renamed –n choose_you_word
Task1: Observe the traffic captured by Wireshark and explain what happenb. On the other virtual machine, start the bot
python botnet/worker.py –b choose_you_word Task 2: Observe the traffic captured by Wireshark and explain what happen
c. Task 3: use irc client to connect to the server and issue commands5) Task 4: Propose a way to integrate this simple botnet and the simple worm that you have
studied.6) Task 5: Implement what you have proposed in task 4