LAB NO 14 BOTNET attack

Introduction
A botnet is a network of compromised devices controlled by a single attacker, often used to launch
Distributed Denial of Service (DDoS) attacks. UFONet is a popular tool for conducting stress tests and
demonstrating botnet-based attacks in a controlled and ethical environment for cybersecurity learning
purposes.
In this lab, we explore how to use UFONet to simulate a botnet attack, understand its working
mechanism, and analyze the results.
Objective
1. Understand the concept of botnets and DDoS attacks.
2. Learn how to set up and use UFONet in a controlled lab environment.
3. Simulate an attack for educational purposes and analyze its impact.
Tools and Requirements
1. UFONet - An open-source toolkit for botnet simulation.
2. A Linux system (Kali Linux recommended)
3. Python 3 installed on the system.
4. Target for testing (a local server or intentionally vulnerable environment).

Steps to Demonstrate a Botnet Attack Using Ufonet:

1. Install Ufonet
First, ensure that you have Ufonet installed on your system. You can download
it use git to clone it by command git clone
https://github.com/epsylon/ufonet.git.
2. Open Ufonet

After installation, navigate to the directory where Ufonet is installed.

Run the command ./ufonet --gui to start the Ufonet application. This will launch
the user interface in your terminal.

3. Start mothership and enter botnet Tab

After entering the Gui then enter the mothership by clicking in the mothership then click on the
botnet tab for the further steps.
 4. Download Bots for the Attack from Blackhole Server
Once Ufonet is running, Firstly go to the botnet tab then,you will be prompted to select a the
black hole server for downloading the bots for your DDoS attack. The download can be from a
given server or from your dedicated server.
 5. Select the Target:
Ufonet will present you with a list of available options. To launch a DDoS attack, you need to
specify the target URL (the website you intend to test) ,for this firstly enter the Attack tab
then give the url for the attack,we give the number of rounds for the DDos and we can also
generate it on the map and select dork(php file of webserver).

6. Launch the Attack

After Launching the attack then we will start getting the number of bytes that increase to load
the webserver as the bots are continuously attacking the websites and it shows the byte Ratio.

7. Stop the Attack

To stop the botnet attack, simply press CTRL+C in the terminal. The attack will stop, and the
system will return to the command prompt.
Preventions
Preventing botnet attacks involves a combination of good cybersecurity practices and tools. Here
are some effective strategies:
1. Install Cybersecurity Solutions: Use firewalls, intrusion detection
systems (IDS), and antivirus software to protect your network.

2. Monitor Network Traffic: Keep an eye on network traffic for any suspicious
activity or unexpected surges in requests.
3. Use DDoS Protection Tools: Implement DNS filtering and other DDoS protection
tools to block malicious traffic.

4. Keep Software Updated: Regularly update all software, including operating systems
and applications, to patch vulnerabilities.

5. Strong Passwords: Use hard-to-crack passwords and change them regularly.

6. Employee Awareness Training: Educate employees about the risks of phishing

attacks and the importance of not clicking on suspicious links.

7. Secure Devices: Ensure that all devices entering the network have strong security
settings.
Rubrics:
Correctly
Plagiarized
Requirements Observations Appropriate drawn
content
Report are listed and are recorded computations conclusion
Laboratory presented
not experimental along with or numerical with
Reports or
submitted procedure is detailed analysis is
incomplete exact
presented procedure performed
submission results

Student is Student can Student has Student has Student

unable to understand followed constructed perfectly
follow the the provided instructions the implemented
provided laboratory to construct functional/ a working
instructions instructions the working model/ logic/
properly. and familiar fundamental schematic/ circuit/
The with the lab schematic/ model/ block
student environment block block diagram/ code
can name (Trainer/ diagram/ diagram/ and
the software/ code/ model code, and successfully
Demonstration Absent hardware IDE), but on the have executed the
or cannot protoboard/ successfully lab objective
simulation implement trainer/ executed the in Realtime or
platform, on the simulation program/ in a
but unable software. run circuit simulation
platform
to practically on software environment
implement or on the platform and
anything software produced
practically the desired
or on the results
software
Category Ungraded Very Poor Poor Fair Good Excellent
Percentage [0] [1-20] [21-40] [41-60] [61-80] [81-100]
Marks 0.0 0.01 - 0.20 0.21 - 0.40 0.41 - 0.60 0.61 - 0.80 0.81 - 1.0
Date Total Instructor’s Signature
Marks
 and
complete
report in
all
respects

Category Ungraded Very Poor Fair Good Excellent

Poor
Percentage [0] [1-20] [21-40] [41-60] [61-80] [81-100]
Marks 0.0 0.01 - 0.20 0.21 - 0.40 0.41 - 0.60 0.61 - 0.80 0.81 - 1.0
Date Total Instructor’s Signature
Marks