Latest version: 2.1.0

NDPMon in the press

Downloads

Documentation

Plugins

Training

Community

edit SideBar

Virtual Testbed

This testbed is the one used during the development of NDPMon and consists in the reference platform for all validation tests.

It is based on libvirt and its scnearios are orchastrated with VNX, Virtual Networks over linuX.

Overview

The virtual network uses IPv4 addresses within the 10.0.0.0/16 range, and the ULA prefix fd75:7c74:2274::/48. All hosts are running Ubuntu 12.04 LTS in Qemu/KVM virtual machines.

In its most simple scenario, it is composed of:

  • 1 interconnection network Net0 between the host and the virtual testbed, with IPv4 address 10.0.0.0/24
  • 1 Dual Stack subnet, Net1, with IPv4 address 10.0.1.0/24 and IPv6 prefix fd75:7c74:2274:1::/64
  • 1 router, router1 running Quagga
  • 1 host running NDPMon with the MAC Vendor Resolution, WEB Interface, Syslog Filtering and Countermeasures plugins, ndpmon with autoconf and privacy extensions disabled
  • 1 host acting as an attacker with the THC IPv6 Hacking Toolkit, and Scapy, with autoconf and privacy extensions disabled
  • 2 hosts, host1 with privacy extensions disabled, and host2 with privacy extensions enabled

Downloads

All the images distributed here are based on the Ubuntu 12.04 image from VNX

All virtual images have the same credentials, login 'root' and password 'root'.

Warning: keyboard has AZERTY layout by default, use dpkg-reconfigure console-data to set another keymap, or use loadkeys

Run it

Documentation about VNX installation and usage are available here.

To make this virtual testbed work, download all 4 rootfs images and the XML scenario file. Decompress the virtual images and create links in /usr/share/vnx/filesystems/ as follows:

  1. /usr/share/vnx/filesystems/rootfs_attacker -> /home/beck/Work/Utils/vnx/rootfs/vnx_rootfs_kvm_attacker.qcow2
  2. /usr/share/vnx/filesystems/rootfs_ndpmon   -> /home/beck/Work/Utils/vnx/rootfs/vnx_rootfs_kvm_ndpmon.qcow2
  3. /usr/share/vnx/filesystems/rootfs_router   -> /home/beck/Work/Utils/vnx/rootfs/vnx_rootfs_kvm_router.qcow2
  4. /usr/share/vnx/filesystems/rootfs_ubuntu   -> /home/beck/Work/Utils/vnx/rootfs/vnx_rootfs_kvm_host.qcow2

Scenario handling

To run the scenario, as root, do

  1. vnx -f ndpmon_testbed.xml -v --create

You will be shown a table with all the information to open consoles manually with the given commands:

  1. VM_NAME     | TYPE                | CONSOLE ACCESS COMMAND
  2. -----------------------------------------------------------------------------------------
  3.  router1     | libvirt-kvm-linux   | con0:  'virt-viewer -c qemu:///system router1' or 'vncviewer :0'
  4.              |                     | con1:  'virsh -c qemu:///system console router1' or 'screen /dev/pts/1'
  5. -----------------------------------------------------------------------------------------
  6.  ndpmon      | libvirt-kvm-linux   | con0:  'virt-viewer -c qemu:///system ndpmon' or 'vncviewer :1'
  7.              |                     | con1:  'virsh -c qemu:///system console ndpmon' or 'screen /dev/pts/3'
  8. -----------------------------------------------------------------------------------------
  9.  attacker    | libvirt-kvm-linux   | con0:  'virt-viewer -c qemu:///system attacker' or 'vncviewer :2'
  10.              |                     | con1:  'virsh -c qemu:///system console attacker' or 'screen /dev/pts/7'
  11. -----------------------------------------------------------------------------------------
  12.  host1       | libvirt-kvm-linux   | con0:  'virt-viewer -c qemu:///system host1' or 'vncviewer :3'
  13.              |                     | con1:  'virsh -c qemu:///system console host1' or 'screen /dev/pts/9'
  14. -----------------------------------------------------------------------------------------
  15.  host2       | libvirt-kvm-linux   | con0:  'virt-viewer -c qemu:///system host2' or 'vncviewer :4'
  16.              |                     | con1:  'virsh -c qemu:///system console host2' or 'screen /dev/pts/11'
  17. -----------------------------------------------------------------------------------------

You can show the previous table at any time with:

  1. sudo vnx -f tutorial_ubuntu.xml -v --console-info

To stop it, keeping the changes you made

  1. vnx -f ndpmon_testbed.xml -v --shutdown

You can suspend and restore an individual virtual machine with:

  1. vnx -f ndpmon_testbed.xml -v --shutdown -M host1
  2. vnx -f ndpmon_testbed.xml -v --create -M host1

If the scenario or an individual virtual machine does not respond anymore, use destroy:

  1. vnx -f ndpmon_testbed.xml -v --destroy -M host1
  2. vnx -f ndpmon_testbed.xml -v --destroy

Access the virtual machines

Once the scenario is started, you will see the five virtual machine textual consoles opening. If you close the consoles, you can them with:

  1. sudo vnx -f ndpmon_testbed.xml -v --console con1 -M <vmname>

<vmname> being the name of the virtual machine.

All images are running an SSH server with X-forwarding enabled. To connect to any of the hosts, simply use:

  1. ssh -X root@<vnx-host-address-or-name>

As these are libvirt virtual machines, they can also be managed with virsh:

  • List the running virtual hosts
  1. # virsh list
  2.  ID Nom                  √Čtat
  3. ----------------------------------
  4.  1 router1              running
  5.  2 ndpmon               running
  6.  3 host1                running
  7.  4 host2                running
  8.  5 attacker             running
  • Open a console
  1. # virsh console 2
  2. Connected to domain ndpmon
  3. Escape character is ^]
  4.  
  5. Ubuntu 12.04 LTS ndpmon ttyS0
  6.  
  7. ndpmon login: