Add to collection(s) Add to saved
  1. No category
Uploaded by William Ho

Assignment 4

advertisement 
Restricted
Assignment 4 – Mininet & BGP Routing
51.506 Security Tools Laboratory
1. Objectives
By the end of this lab, you should be able to:
•
•
•
Know the basics of Mininet
Use Mininet for network simulation
Familiarize yourself with BGP and Zebra tools
VMs
Use xubuntu been provided.
Use NAT Network. You must be able to reach the Internet (try pinging google).
Password: xubuntu(sudo privileges given)
2. Mininet
•
•
Open bgp file in Desktop, e.g. /Desktop/bgp/. cd into that directory.
Change the permissions of all the files in that directory
#chmod a+x *.sh *.py
•
Run the installation file.
# ./install.sh
•
Kill the ovs-controller using following commands.
# ps aux | grep ovs-testcontroller
#sudo kill -9 <pid>
•
Start up Mininet
#sudo python3 bgp.py
•
Check running processes to ensure there are 3 instances of zebra and 3 of bgpd.
#ps aux | egrep “bgpd|zebra”
•
Explore the current topology by using Mininet commands: nodes, net, links, dump
You can also try help for other commands.
•
There are couple of routers and hosts, while hosts represent different smaller networks
connected to internal interfaces of the BGP routers.
Restricted
Restricted
•
In Mininet, you can open a terminal to any host or router using xterm.
mininet> xterm h1-1
• To zoom in : CTRL + Right Click to obtain the menu and choose ‘Large’
•
The opened terminal will provide you with an “internal view of the node”. You can run here
commands, such as ping, traceroute, nmap, wireshark, route -n or other standard bash
commands.
•
Complete the network diagram for each AS ( AS1/2/3) to include IP addresses of the
interfaces of routers (R1/2/3) and their individual hosts. Please note that the unknown AS?
is note active yet. You won’t be able to interact with it yet. You can add its details (AS
number and IP addresses) when doing Attack section.
3. BGP Traffic
•
Connect to the router running BGP by the provided script (outside of Mininet) to Cisco’s IOS
Command Line Interface (CLI).
# ./connect.sh R1 (password is mssd)
•
List BGP routes
#show ip bgp
•
You can also play with the different offered commands (try writing "?" or “<some
command>?” into shell).
•
Take a screenshot of the BGP propagated routes you can see at each of the currently
enabled routers.
Restricted
Restricted
•
Compare these routes to the routes you can obtain at each of 3 routers using route -n
command (in an xterm shell). Add these routes to the write-up and describe the differences.
•
Start a wireshark session on one of the routers (make sure to select the right interface) and
open an IOS CLI session to this router with the connect script.
Note: Don't be confused by all the terminals, remember you’ve:
1. Normal ubuntu terminal session
2. Mininet session (with mininet> prompt)
3. Xterm session to all Mininet components
4. CLI session to router (with bgdp-Rx> prompt where x is Router ID)
•
Type "enable" in the IOS CLI session to enable admin mode (password:mssd). Look at the
current routes.
# show ip bgp
•
Clear the exchanged routes.
#clear bgp external
•
Watch the BGP traffic establishing routes again. What 2 types of BGP messages you can see
(other than Keepalive)? Put the screenshot highlighting them in your report.
•
From h1-1, try to reach h3-3. Does it work?
•
From R1, try to reach h3-1(13.0.1.1). Does it work? If no, why not?
•
Modify the routing table to one of the routers to allow R1 access h3-1 (13.0.1.1).
Work only through the xterm session on the R1, R2, R3 and use route command to show and
modify routing table. Hint: try to use wireshark step-by-step on each interface in the path
between R1 and h3-1 and find out where the ICMP reply packets cease to return (this will be
the place for modification of routing table).
•
The command to add a default route for all packets is:
# route add default gw <ip of outgoing interface>
4. BGP Attack 1
•
A malicious attacker has control over AS4, which is BGP - peering with AS1. A user from AS1
want to visit a website on 13.0.1.1 (AS3). The attacker wants to redirect the user to his own
web server instead.
•
All configuration files are in ./conf/ folder
o bgpd - Rx.conf - configure the BGP setup of each router
o zebra - Rx.conf - configure the network interfaces of each router
Restricted
Restricted
•
Look at these files and try to understand what is configured, and how. Before running
attack, display the path of packets traveling to the benign web server from R1:
#traceroute -n 13.0.1.1
•
In the terminal, run the provided script for querying the web server:
# ./website.sh
It will continuously contact the web server on 13.0.1.1 from R1 (if you have already fixed
R3's routing table). Keep the script running in that terminal.
•
Open a wireshark session on R1, make sure to listen on all interfaces.
•
To perform the attack, you will have to modify only bgpd-R4.conf.
•
Run ./start_rogue.sh script in a terminal, which starts BGP routing process on malicious
router R4.
•
Observe the continuous results of the querying script running:
o If you have correctly modified configuration of R4, the victim should now see the
attacker’s website.
•
Observe the wireshark traffic. What types of BGP messages you can see after starting BGP
routing on malicious router (other than Keepalive)? What important information from
attacker’s point of view was transferred there?
•
Running ./stop_rogue.sh will stop the BGP routing on R4, so you can try other configurations
of R4, and start the attack again (by the previous script) without stopping the Mininet itself.
•
If your attack was performed successfully, find out the path from R1 to web server again and
compare it to the state before the attack. Add this comparison to your writeup.
5. BGP Attack 2
•
Based on what you have learned, create a DOS protection in AS 1 by injecting a black hole
route to prevent a DOS attack from AS 4. You can use hping for the DOS attack or any other
equivalent. Detail all your entries and changes and display screenshots as proofs for
successful changes all the way from the attack happening to the routing update which
prevents the attack. You must show that you have successfully mitigated the attack.
Restricted
Related documents
6.033 Computer System Engineering
6.033 Computer System Engineering
1. Jones and Manuelli (1990) explains Piketty (2014)
1. Jones and Manuelli (1990) explains Piketty (2014)
1. An Endogenous Growth Model
1. An Endogenous Growth Model
Sue Moon
Sue Moon
Shivam CV 20.01.2023.Doc
Shivam CV 20.01.2023.Doc
Download
advertisement