That is a nice tool as such. Many of my friends have tested it, and it is really cool.
Shyaam On Fri, May 8, 2009 at 10:00 PM, Tomas L. Byrnes <[email protected]> wrote: > Excuse the toppost: > > You might want to look into the work done @ SRI on the BotHunter project by > Phil Porras, and Farnham Jahanian and others' work @ University of Michigan, > which led to the creation of Arbor Networks. > > > >>-----Original Message----- >>From: [email protected] [mailto:full-disclosure- >>[email protected]] On Behalf Of Jan G.B. >>Sent: Thursday, May 07, 2009 7:28 AM >>To: Mark Sec >>Cc: [email protected]; Untitled >>Subject: Re: [Full-disclosure] Howto Simulate a BotNet ? >> >>2009/5/7 Mark Sec <[email protected]>: >>> Well, Im looking info: >>> >>> 1) See all the traffic (Over botnet) >>> 2) Administering many slaves (Lab) with the master (lab) via IRC, web, >>> etc... >>> 3) Probe attacks DDoS and DoS (Lab) >>> 4) Probe remote and Local Exploits >>> 5) Infected via remote <iframe>, exploit, XSS etc. >>> >>> any1 ? >>> >>> -Mark :-) >>> >>> >> >> >>Sounds to me, like you're about to test your botnet client in a >>virtual environment. >> >> >>> >>> >>> 2009/5/6 Aadil Noorkhan <[email protected]> >>>> >>>> Hello, >>>> >>>> The closest I could find are: >>>> - http://pages.cs.wisc.edu/%7Epb/botnets_final.pdf (rather >>interesting >>>> paper about an inside look at botnets) >>>> - http://www.breakingpointsystems.com/community/blog/botnet- >>simulation >>>> (video about a botnet simulation by BreakingPointSystems) >>>> >>>> Cheers, >>>> Aadil. >>>> >>>> On Thu, 2009-05-07 at 05:36 +0400, [email protected] wrote: >>>> > On Wed, 06 May 2009 18:07:48 CDT, Mark Sec said: >>>> > >>>> > > Does any1 know a tool. squema, info or ideas to simulate a >>Botnet? >>>> > > >>>> > > Ideas: >>>> > > >>>> > > A) Many Vmware (workstations) over win32 >>>> > > B) Make a fake traffic >>>> > > C) Make a scripts to simulate many hosts >>>> > > D) IDS/ IPS (to see the traffic) >>>> > >>>> > What behavior(s) of a botnet are you trying to simulate? There's a >>lot >>>> > of approaches, as you've already noticed - which one will work best >>will >>>> > depend a lot on what you're trying to do. >>>> -- >>>> Aadil NOORKHAN >>>> Administrateur Unix >>>> ------------------------------------------------------ >>>> LINKBYNET Indian Ocean >>>> BG Court, Route Saint-Jean, Quatre Bornes, Ile Maurice >>>> Tel direct : (+33) 01 48 13 21 78 >>>> Tel : (+33) 1 48 13 00 00 >>>> Fax : (+33) 1 48 13 31 21 >>>> Email : [email protected] >>>> Web : www.linkbynet.com >>>> ______________________________________________________ >>>> Astreinte : http://www.linkbynet.com/astreinte/ >>>> >>> >>> >>> _______________________________________________ >>> Full-Disclosure - We believe in it. >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >> >>_______________________________________________ >>Full-Disclosure - We believe in it. >>Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>Hosted and sponsored by Secunia - http://secunia.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- Thank you in advance for your time and consideration. Kind Regards, Shyaam Sundhar R.S. Site: www.EvilFingers.com Certification History: Audit: GPCI Legal: GCDS Management: GLDR Security: SSP-CNSA, SSP-MPA, SSP-GHD, GREM, GHTQ, GWAS, GIPS, GCFA, GCIA, GCIH Anti-Terrorism: CAS _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
