Re: [Full-disclosure] Howto Simulate a BotNet ?
Thanks for u response, mmmm any1 have the official link to down ns2 (win32/ Linux)

-mark

2009/5/8 Shyaam <shyaam@xxxxxxxxx>
That is a nice tool as such. Many of my friends have tested it, and it
is really cool.
Shyaam
On Fri, May 8, 2009 at 10:00 PM, Tomas L. Byrnes < tomb@xxxxxxxxxxx> wrote:
> Excuse the toppost:
>
> You might want to look into the work done @ SRI on the BotHunter project by Phil Porras, and Farnham Jahanian and others' work @ University of Michigan, which led to the creation of Arbor Networks.
>
>
>
>>-----Original Message-----
>>From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Jan G.B.
>>Sent: Thursday, May 07, 2009 7:28 AM
>>To: Mark Sec
>>Cc: Valdis.Kletnieks@xxxxxx; Untitled
>>Subject: Re: [Full-disclosure] Howto Simulate a BotNet ?
>>
>>2009/5/7 Mark Sec < mark.sec@xxxxxxxxx>:
>>> Well, Im looking info:
>>>
>>> 1) See all the traffic (Over botnet)
>>> 2) Administering many slaves (Lab) with the master (lab) via IRC, web,
>>> etc...
>>> 3) Probe attacks DDoS and DoS (Lab)
>>> 4) Probe remote and Local Exploits
>>> 5) Infected via remote <iframe>, exploit, XSS etc.
>>>
>>> any1 ?
>>>
>>> -Mark :-)
>>>
>>>
>>
>>
>>Sounds to me, like you're about to test your botnet client in a
>>virtual environment.
>>
>>
>>>
>>>
>>> 2009/5/6 Aadil Noorkhan < a.noorkhan@xxxxxxxxxxxxx>
>>>>
>>>> Hello,
>>>>
>>>> The closest I could find are:
>>>> - http://pages.cs.wisc.edu/%7Epb/botnets_final.pdf (rather interesting
>>>> paper about an inside look at botnets)
>>>> - http://www.breakingpointsystems.com/community/blog/botnet-simulation
>>>> (video about a botnet simulation by BreakingPointSystems)
>>>>
>>>> Cheers,
>>>> Aadil.
>>>>
>>>> On Thu, 2009-05-07 at 05:36 +0400, Valdis.Kletnieks@xxxxxx wrote:
>>>> > On Wed, 06 May 2009 18:07:48 CDT, Mark Sec said:
>>>> >
>>>> > > Does any1 know a tool, schema, info or ideas to simulate a Botnet?
>>>> > >
>>>> > > Ideas:
>>>> > >
>>>> > > A) Many Vmware (workstations) over win32
>>>> > > B) Make a fake traffic
>>>> > > C) Make a scripts to simulate many hosts
>>>> > > D) IDS/ IPS (to see the traffic)
>>>> >
>>>> > What behavior(s) of a botnet are you trying to simulate? There's a lot
>>>> > of approaches, as you've already noticed - which one will work best will
>>>> > depend a lot on what you're trying to do.
>>>> --
>>>> Aadil NOORKHAN
>>>> Administrateur Unix
>>>> ------------------------------------------------------
>>>> LINKBYNET Indian Ocean
>>>> BG Court, Route Saint-Jean, Quatre Bornes, Ile Maurice
>>>> Tel direct : (+33) 01 48 13 21 78
>>>> Tel : (+33) 1 48 13 00 00
>>>> Fax : (+33) 1 48 13 31 21
>>>> Email : a.noorkhan@xxxxxxxxxxxxx
>>>> Web : www.linkbynet.com
>>>> _______
>>>> Astreinte : http://www.linkbynet.com/astreinte/
>>>>
>>>
>>>
>>>
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
--
Thank you in advance for your time and consideration.
Kind Regards,
Shyaam Sundhar R.S.
Site: www.EvilFingers.com
Certification History:
Audit: GPCI
Legal: GCDS
Management: GLDR
Security: SSP-CNSA, SSP-MPA, SSP-GHD, GREM, GHTQ, GWAS, GIPS, GCFA, GCIA, GCIH
Anti-Terrorism: CAS