MSU
CSE425
CSE 425 Intro to Computer Security
Project 2: A lightweight DNS redirection ampli cation attack.
1 Goal
This project aims to provide you with an idea how a DNS server can be abused to launch a redirection ampli cation
attack against users. In this project, you are expected to learn how to use spoof the IP address of a victim, create
a DNS query message, and abuse a DNS server (i.e., asking it to send an unsolicited DNS response message to the
victim). You must develop, implement, test your programs in a controlled environment (i.e., using your private Wi-Fi
network and devices). You cannot launch this attack against other people, networks, infrastructure, equipment, etc!!
2 Working Environment
In this project, you need to develop your program on a VMWare virtual machine (Ubuntu-18.04.1). Please download
it via https://www.dropbox.com/s/m15mahwb8lhypez/CSE425.zip?dl=0. We have pre-installed GCC, g++, Java,
Perl5, and Python3 on this VMWare virtual machine. If you don’t know what VMWare is, please google it. There
are lots of related video on Youtube.
The username and password for this VM is cse425/cse425. The superuser’s password is cse425.
There is a sample raw socket udp.c in /home/cse425/raw socket. You can compile it via "gcc raw socket udp.c
-o raw socket udp" and run it via "sudo raw socket udp."
Please modify raw socket udp.c to implement all tasks of this project.
TA will only use this VM to run and evaluate your program. Your program shall not rely on any libraries or
services which are not installed on this VM.
3 Team
In this project, you can team up with another student. The max number of students in each group is 2.
4 Instructions
In this project, you are expected to complete the following four tasks. Note that the fourth task is optional (bonus)
not required.
Task 1: You can spoof IP address of TAs device and send an IP packet on behalf of TA’s device to any host
on the Internet. (35%)
Task 2: You can send a DNS query message on behalf of TA’ device to a DNS server. The TA’s device shall
be able to receive the corresponding DNS response message sent by the DNS server. Note that you just need
to send single DNS query message instead of a number of DNS query messages. (65%).
1
MSU
CSE425
Task 3 (Bonus, 30%): You can create a special DNS query message so that the ratio of the length of DNS query
message to the length of DNS response message is larger than or equal to 5 (i.e., ampli cation factor). Note
that in case no groups can achieve this goal, the groups which can create top 5 largest ratio will receive the
bonus. Moreover, there is an online article you may want to read to nish this task, https://www.incapsula.
com/ddos/attack-glossary/dns-amplification.html.
Please pay attention to Section 6 before you develop your program!!
5 Special rules
TA and the instructor can only give you a rough idea how to implement this project. We cannot help you to
debug or gure out why your program cannot get compiled or work abnormally!!
You can only launch this proof-of-concept attack against yourself and your own devices. You CANNOT launch
attacks against other entities/parties including but not limited to, individuals, networks, facilities, devices,
equipment.
6 Materials to turn in
Your executable program which accepts two input parameters: the IP address TA’s device and the IP address
of a DNS server. Note that you need to write a step-by-step instructions so that TA can execute your program
correctly. If TA fails to run your program, you will receive a grade of 0.
Your source codes.
A one-page report (US letter size) which brie y describes how you complete tasks 1, 2, and 3.
7 Project Submission
1. Put all your les into a directory, named \project2 MSUID1 MSUID2" or \project2 MSUID1" where MSUID1
or MSUID2 is the MSU ID one of students in your team. Add two MSU IDs to the name of directory if there
are two students in your team.
2. The directory \project2 MSUID1 MSUID2" or \project2 MSUID1" should include the following les:
Your program and the manual describes how to run it.
Your source codes.
Your report (e.g., report.doc, report.pdf).
3. Zip your directory to \project2 MSUID1 MSUID2.zip" or \project2 MSUID1.zip"
4. Upload your zip le to D2L through Assignment Submission Folder.
5. Report due date is 11:59 pm, Thursday, Oct. 25, 2018.