Testbed setup:
username: root
password: cs03aw
vmware file location:
ardor.uccs.edu:
d:/vmware/ycai2,
client, proxy, altgw, maingw, target 5 directories.
make sure the network cards of vmware is correct: use bridged for first one, use
host-only for the rest.
To save disk space,
the clientDNS and client are on same machine client,
the targetDNS, the coordinator and target server are on
same machine target,
the DDoS attackers and main gateway are on same machine
maingw,
Demo steps:
1) Open 5 vmware machines: client, proxy, altgw, maingw, target,
2) Go to "/home/ycai/sslres" directory on all those machines
3) Run script "sh init.sh" on all those machines to initialize the machines,
like run the scold demo, set up direct route, set the routing table....
4) Now to show the direct route:
on client machine, you can do the followings:
you can ping 192.168.4.2(target.csnet.uccs.edu) from
192.168.0.1(client.csnet.uccs.edu)
you can verify the direct route by "traceroute
target.csnet.uccs.edu", 2 hops
you can run "sh http_demo.sh" to see the http download of a
big file from client to target with speed average of 50k - 60k/s
5) Now launch DDoS attack
run "sh ddos_attack.sh" on target machine to launch the
attack,
run "sh http_demo.sh" on client machine to see the http
download speed drop dramatically to 1k -10k/s
6) Now start the indirect route
run "sh indirec_route.sh" on target machine to launch the
indirect route,
(stop the "sh http_demo.sh" job on client machine in step 5)
run "sh http_demo.sh" on client machine to see the indirect
route, you will see initil setup delay or try again, but after that, it runs
fast (about 40k/s)
you can verify the indirect route by "traceroute
target.csnet.uccs.edu"
7) If needed, you can run "cleanipip.sh" to clean up the indirect route, or "init.sh"
to clean up the whole system and start a new demo. (not necessary)
Below are only for my own references:
sdns installation:
1) get sdns source file from gandalf, get bind source from internet
2) get openssl file from gandalf: /usr/include/openssl
3) compile:
"./configure -with-openssl"
"make"
"make depend"
"make install"
4) get zone file from gandalf:/var/named
5) get bind conf file from gandalf: /etc/named.conf
libresolve installation:
1) source file in athena.uccs.edu:~ycai/glibc/resolv/res_query.c and
more
2) go to glibc/compile, and run make to compile
3) go to glibc/compile/resolv and look for libresolv.so
4) copy the libresolv.so to the client machine /lib directory,
"ls -la /lib/libresolv*"
"rm -f /lib/libresolv.so.2"
"ln -s /lib/libresolv.so /lib/libresolv.so.2"