lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 May 2009 23:44:31 -0400 From: Shyaam <shyaam@...il.com> To: "Tomas L. Byrnes" <tomb@...neit.net> Cc: Untitled <full-disclosure@...ts.grok.org.uk>, Valdis.Kletnieks@...edu Subject: Re: Howto Simulate a BotNet ? That is a nice tool as such. Many of my friends have tested it, and it is really cool. Shyaam On Fri, May 8, 2009 at 10:00 PM, Tomas L. Byrnes <tomb@...neit.net> wrote: > Excuse the toppost: > > You might want to look into the work done @ SRI on the BotHunter project by Phil Porras, and Farnham Jahanian and others' work @ University of Michigan, which led to the creation of Arbor Networks. > > > >>-----Original Message----- >>From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure- >>bounces@...ts.grok.org.uk] On Behalf Of Jan G.B. >>Sent: Thursday, May 07, 2009 7:28 AM >>To: Mark Sec >>Cc: Valdis.Kletnieks@...edu; Untitled >>Subject: Re: [Full-disclosure] Howto Simulate a BotNet ? >> >>2009/5/7 Mark Sec <mark.sec@...il.com>: >>> Well, Im looking info: >>> >>> 1) See all the traffic (Over botnet) >>> 2) Administering many slaves (Lab) with the master (lab) via IRC, web, >>> etc... >>> 3) Probe attacks DDoS and DoS (Lab) >>> 4) Probe remote and Local Exploits >>> 5) Infected via remote <iframe>, exploit, XSS etc. >>> >>> any1 ? >>> >>> -Mark :-) >>> >>> >> >> >>Sounds to me, like you're about to test your botnet client in a >>virtual environment. >> >> >>> >>> >>> 2009/5/6 Aadil Noorkhan <a.noorkhan@...kbynet.com> >>>> >>>> Hello, >>>> >>>> The closest I could find are: >>>> - http://pages.cs.wisc.edu/%7Epb/botnets_final.pdf (rather >>interesting >>>> paper about an inside look at botnets) >>>> - http://www.breakingpointsystems.com/community/blog/botnet- >>simulation >>>> (video about a botnet simulation by BreakingPointSystems) >>>> >>>> Cheers, >>>> Aadil. >>>> >>>> On Thu, 2009-05-07 at 05:36 +0400, Valdis.Kletnieks@...edu wrote: >>>> > On Wed, 06 May 2009 18:07:48 CDT, Mark Sec said: >>>> > >>>> > > Does any1 know a tool. squema, info or ideas to simulate a >>Botnet? >>>> > > >>>> > > Ideas: >>>> > > >>>> > > A) Many Vmware (workstations) over win32 >>>> > > B) Make a fake traffic >>>> > > C) Make a scripts to simulate many hosts >>>> > > D) IDS/ IPS (to see the traffic) >>>> > >>>> > What behavior(s) of a botnet are you trying to simulate? There's a >>lot >>>> > of approaches, as you've already noticed - which one will work best >>will >>>> > depend a lot on what you're trying to do. >>>> -- >>>> Aadil NOORKHAN >>>> Administrateur Unix >>>> ------------------------------------------------------ >>>> LINKBYNET Indian Ocean >>>> BG Court, Route Saint-Jean, Quatre Bornes, Ile Maurice >>>> Tel direct : (+33) 01 48 13 21 78 >>>> Tel : (+33) 1 48 13 00 00 >>>> Fax : (+33) 1 48 13 31 21 >>>> Email : a.noorkhan@...kbynet.com >>>> Web : www.linkbynet.com >>>> ______________________________________________________ >>>> Astreinte : http://www.linkbynet.com/astreinte/ >>>> >>> >>> >>> _______________________________________________ >>> Full-Disclosure - We believe in it. >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >> >>_______________________________________________ >>Full-Disclosure - We believe in it. >>Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- Thank you in advance for your time and consideration. Kind Regards, Shyaam Sundhar R.S. Site: www.EvilFingers.com Certification History: Audit: GPCI Legal: GCDS Management: GLDR Security: SSP-CNSA, SSP-MPA, SSP-GHD, GREM, GHTQ, GWAS, GIPS, GCFA, GCIA, GCIH Anti-Terrorism: CAS _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists