 You don't have to read and understand all of this, look for the commands, you'll need to run them, but be careful, don't just copy and paste directly. For example here, this one, you need to do these commands on node 7 and node 8. So just read, I think you can copy and paste them on node 7 and node 8 and then that part's done. But in some cases in these instructions, for example here, you need to run these commands to turn off some security features. But just be careful, remember to repeat on node 7 as well. So just read a little bit because it says do this on node 2 and node 7. So even if you don't understand this part, it's not so important, it's just setting up, but just try and set it up correct. And then you need to run this one, for example, on nodes 4, 5 and 6. Node 3, 4, 5 and 6, so repeat this command on 4 nodes. Then that's set up, set up for both the ping attack and for the NTP attack. How to set a fake source address is the command, if you want to change the source then change it. I think this one will work for the attack. Note that this fake source address is for, zoom in a little bit, is for only for ICMP packets. That means whenever I send an ICMP packet, a ping packet, I will use this fake source address. But when I send a different packet, I will use my normal source address. That works in the ping attack, in the NTP attack. It doesn't use ICMP, it uses UDP. So you'll need to change this to UDP in the NTP attack, that's all. But the rest is the same. What else? So that's the ping one. You don't need to do this one. We did it in the lecture, I showed you ping broadcast. You don't need that, you can do it if you like, but you don't need it. You can skip that part. How to capture, your experts are capturing. Why do you capture? To see what's happening. IP Traff, try that, you'll need that. It's just a nice way to see the number of packets and bytes coming in and out of the particular computers. It's quite easy to use, alright? In fact, you should try this, it's not too hard, but then I give you a script so you put this into a file for the ping one. You copy and paste into a file and you eventually run it here. And it pings many computers with these size packets at this interval. And you should see, if you run IP Traff, you should see the amount of packets coming in and out. But we did that in the lecture. So now, if you've set everything up as in this one, and so the setup procedure, then you go into the NTP attack. So even if you don't do the ping attack, if you think you understand it, then go to the NTP attack and try that. And I describe it, but the idea is that with ping, when I send a ping request, in our example, it was a ping, let's say, is 100 bytes. And the reply is 100 bytes. Whereas with NTP, we can use this feature where I send a NTP request to a server. Maybe that's 100 bytes. And the reply is 400 bytes. And the way that we're using a fake source address is that I send a 100 byte packet to some reflector node, and that one sends a 400 byte packet to the target. This is amplification. We've increased the amount of data going to the target just by using a different protocol. Ping, you can't do that because the request and response are about the same size. There are some protocols, there are features that you can send a small request but get a big response. And that's what you want to try and achieve here. That's the idea. And this attack has been used recently. So set up as in the ping one, and then you need to do a bit more setup. NTP is not supported on all computers, so we need to set it up. On some of the computers, nodes 1, 3, 4, 5, and 6, you need to install the NTP server. So just run this command and then set them up according to what the instructions here. Copy and paste these into a configuration file and restart the server. So now the NTP server is ready and running. What is NTP? You send a request to an NTP server, it tells you the time. The time to set your computer clock for, a network time protocol. And they get the time usually from some atomic clocks. You can test and see, you can use this program from one computer, send it to a NTP server, and it will send back the time so your computer sets its clock. So that's synchronized, it just syncs the clocks. That's just to show that it works. This is the command that sends a small request and gets a big reply. Basically you send a request to a server and it sends back all these details. Small request, large reply. And then I think you need to read through and then perform the attack. And I give you some scripts that you can use there. And eventually you should get to this point, you run this NTP repeat, many different reflectors at some rate, some number of requests. So 10 per second, sending 100 requests to these two nodes. The idea is that you send requests to those two nodes and they're going to send replies to the target, big replies to the target, overflowing the target. So try. Last thing, some people, they've been problems with setting up the virtual network and that's correct. So, and I'll maybe send an email to the entire class. But in short, what do you need to do? You need to update, scroll down. You need to do an SVN update on your computer, on the host computer, in the directory where you installed VertNet. And then you need to log into the base virtual machine, start it and log in and do an SVN update there. But there's a couple of extra steps to make it work. You need to delete this file and turn off. So you just run these four commands on the base virtual machine. And then there's a snapshot of that base virtual machine. You need to delete it. So in virtual box, you'll see this. Here's my base. I start it. I run the commands listed here. I turn it off, power off. So it's in this state. But if you look in virtual box, it shows what these snapshots, like copies. And it says there's one also called base. I think you'll see this base snapshot here. Delete it. I will not delete mine for different reasons, but you delete that snapshot there, OK? So that there are no snapshots. So that's one thing that I didn't include in the instructions and I think that will cause problems if you don't delete it. So delete it. And then you can create your topology, OK? So update your computer. Log into base. Update the base computer with these commands. Turn off the base. Power off. Delete the base snapshot. And then create the topology number 26. I tried it on the Mac, a one Mac, in the lab this morning. And when I did these steps, it worked, OK? And because some people said it didn't work and I think it's because of, I forgot to say, delete the snapshot. I think neither of you would have deleted the snapshot, because I forgot to say. Try it. Let me know if it doesn't work. Do it this as soon as possible, OK? And ask questions as you have them. Any questions? OK. See you next Tuesday.