At this level you are supposed to build a network using the module VMs or mininet. Feel free to use http://mininet.org/.
• Draw a diagram to show the topology of your network. Each computer on the diagram should have its IP address labelled.
• Test connectivity of the network by using the ping command.
o If you have a group of four people with four VM, full connectivity between any two machines should be tested. You should also test the connectivity to the Internet on VM.
o If you use mininet, also show the connectivity between each host in your network. Hosts in mininet can also be connected to the Internet but it requires extra configuration so is not compulsory at this level.
At this level you are supposed to generate some network traffic on your network, observe the traffic in network sniffer(s) and measure network performance. This step is important as it builds the benchmark for you to compare with later levels.
Generate traffic :
• It is your choice of what kind of traffic you want to generate via standard Internet applications or a tool you research and find to generate Internet traffic
• You may use Internet applications to generate traffic.
• You may set up services (SSH,FTP,SMB, etc…)
• You may use the tool iperf to generate UCP and/or TCP traffic on your network. This makes the volume of the traffic easily controllable. Iperf can be used on VM and mininet.
• Use tcpdump or wireshark to monitor the traffic.
• Analyse the traffic at protocol level, packet level and flow level using wireshark Network performance analysis:
• Analyse the performance of the TCP/UDP traffic such as throughput, delay and packet loss. You can get the performance data from iperf output or wireshark statistics. Use statistical and graphical tools to highlight traffic characteristics.
At this level the focus is on attacking the network and impact its performances.
Suggested steps :
• Generate normal traffic
• Generate an attack or multiple attacks such as ICMP flooding, TCP SYN flooding, IP spoofing or any other, when the normal traffic is ongoing
o Remember you can use multiple machines/VMs or multiple hosts in mininet
o You can use hping3 or any other tool
o Feel free to be creative while generating the attack
Analyse how network attacks impact the network, via traffic analysis and network performance analysis by comparing the results with that at level 2. Use graphical tools to highlight traffic characteristics and the impact of the chosen attack. E.g. in case of DoS attack analyse the degradation of the network connection, in case of hijacking how the session was stolen.