Download Network Analysis Labs
To download the contents for each lab, please send an e-mail to ia@mgt.unm.edu with the name of the school where you teach or do research.
The following Information Assurance labs are available for download:
Network Analysis
- Intro to Packet Sniffing and Traffic Analysis
- Intro to SQL Injection Attack
- ICMP Reset Attack
- Malicious Code and Network Analysis
- Man in the Middle Attack (ARP Poisoning on HTTPS)
- Man in the Middle Attack: DNS Spoofing
- Man in the Middle Attack on Windows Systems
- Port Specification and Service Type Detection
- Intro to Denial of Service Attack
- SQL Injection (PHP and MySQL)
Intro to Packet Sniffing and Traffic Analysis
Author: Alessandro Seazzu, Fall 2004
Revised: Joel Nunes, Spring 2006
Alessandro Seazzu, July 12, 2006
CNSS/NSTISSI Mapping: n/a
Abstract:
Ethereal is an open source packet sniffer that can decode, filter
and analyze network traffic with an easy to use GUI. Additionally,
Ethereal can read the data files from a multitude of other packet sniffers,
letting you analyze previously collected data. In this lab you will be directed
to examine several files of captured traffic to better comprehend how different
protocols interact and establish a working knowledge of Ethereal.
Requirements:
You will need a Windows XP system running on VMWare Workstation along with
Ethereal and some files containing captured network traffic communications
using different protocols.
Download Intro to Packet Sniffing and Traffic Analysis (12,679.487 KB)
SHA1: 32e6b9ac3b002f49452102f81d5c1c6fa9a35325
Intro to SQL Injection Attack
Authors: Lee Derks, Eve Gedanic Spring 2008
Revised by: Alessandro Seazzu, Summer 2008
CNSS/NSTISSI Mapping: n/a
Abstract:
This lab is designed to give you a feel for SQL injection attacks and what a hacker can gain from them. It
also shows how you, as an application programmer, can lessen the probability of these types of attacks.
In this lab you will be directed to input several SQL queries into a web form; then you will examine the
query results to better understand how queries reveal sensitive information.
Requirements:
You will need a Windows XP system running on VMWare Workstation. The software and tools required
for this tutorial(s) are open source, freeware, shareware, trial version or a combination thereof. It is
recommended that the user take a few minutes to read the entire tutorial before starting any computer
interactions.
Download Intro to SQL Injection Attack (37,256.263 KB)
SHA1: bbe69bab66ff6bd0f9f445a297ebbbd40d594fd2
ICMP Reset Attack
Authors: Luca Taylor, Fall 2007
Revised by: Hue Lai, Spring 2008
CNSS/NSTISSI Mapping: n/a
Abstract:
This lab is designed to give you hands-on experience with the execution of a blind ICMP reset attack
against a vulnerable client. The environment we will simulate in the lab is one where an attacker will
interrupt a download that is occurring on the victim’s machine. This attack will demonstrate the inherent
vulnerability that is built into the ICMP specification.
Requirements:
The requirements include using VMWare with Microsoft Windows XP, and the Linux virtual appliance
provided in the lab folder. The software and tools required for this tutorial(s) are open source, freeware,
shareware, trial version or a combination thereof. As such, some tools or software might expire or will be
outdated by the time this lab is executed. If the executables accompanying this lab do not work, please
download the latest version from the website provided in this lab. It is recommended that the user take a
few minutes to read the entire tutorial before starting any computer interactions.
Download ICMP Reset Attack (235,693.163 KB)
SHA1: bea707e8a0ae1b4f664c2e35c7617a305b41c428
Malicious Code and Network Analysis
Author: Alessandro Seazzu, Fall 2004
Revised: Joel Nunes, Spring 2006
Alessandro Seazzu, June 20, 2006
CNSS/NSTISSI Mapping: n/a
Abstract:
This lab is designed to give students hands-on experience with the
potential distribution, behaviors and network communications of malicious
code. The environment simulated in the lab is one where an attacker distributes a
Macromedia Flash game to a victim system. The victim executes the malicious
code on their system, believing that they are only playing a game.
Requirements:
The lab uses VMWare and two operating system images (Windows XP and Windows 2000)
configured in an isolated network (host-only VMWare adapters) during the execution
of malicious code.
Download Malicious Code and Network Analysis (24,127.544 KB)
SHA1: 419ddb6586219113980f1af2deb3379de33bdb8a
Man in the Middle Attack (ARP Poisoning on HTTPS)
Authors: Meredith Haney and Katayoon Ghanbari, Fall 2007
Revised by: Hue Lai, Spring 2008
CNSS/NSTISSI Mapping: n/a
Abstract:
This lab is based on Lab 14 – Man in the Middle Attack on Windows Systems. It is a
continuation of Lab 14, created with the purpose of showing students how to set up a local
network that reaches the outside Internet, configure IP addresses to set up the attack, and
perform an ARP-HTTPS poisoning attack. Because of the nature of the attack, students will learn
how freeware tools can fake certificates that prevent information from being encrypted over the
HTTPS connection. Students will use a freeware tool, Cain & Abel, to capture packets and
information sent over the HTTPS connection.
Requirements:
The requirements for this lab are the same as the original Man in the Middle lab (Lab 14 – Man in
the Middle Attack on Windows Systems). *The following was taken directly from Lab 14: The
requirements include using VMWare with Windows XP and two Microsoft Server 2003. The
software and tools required for this tutorial(s) are open source, freeware, shareware, trial version
or a combination thereof. As such, some tools or software might expire or will be outdated by the
time this lab is executed. If the executables accompanying this lab do not work, please download
the latest version from the website provided in this lab. It is recommended that the user take a
few minutes to read the entire tutorial before starting any computer interactions.
Download Man in the Middle Attack (ARP Poisoning on HTTPS) (6,637.206 KB)
SHA1: 150b2bd352808df8109366afa0a3980c281a378c
Man in the Middle Attack: DNS Spoofing
Authors: Bradley Childs and James Martinez, Spring 2008
Revised by: Alessandro Seazzu, Summer 2008
CNSS/NSTISSI Mapping: n/a
Abstract:
This lab is a continuation of such labs as: the Man in the Middle Attack on Windows Systems by Mike
Sanchez and Ryan Toledo; and Man in the Middle Attack on an HTTPS Connection by Meredith Haney
and Katayoon Ghanbari. The primary thread of these labs is to expose students to the basics of Windows
networks and the havoc that easy-to-obtain freeware tools can wreak within such an
environment. This lab continues that tradition by showing how easy it is to implement a DNS spoof using
such a tool (Cain and Abel).
Requirements:
2 Windows XP Machines.
2 Windows Server 2003 machines.
Download Man in the Middle Attack: DNS Spoofing (44,728.943 KB)
SHA1: e3208eecc4778165af97031a7b9802c97bd11f38
Man in the Middle Attack on Windows Systems
Author: Mike Sanchez and Ryan Toledo, Spring 2005
Revised: Jessica Dillinger, Patricia Watson and Joel Nunes, Summer 2005
Alessandro Seazzu, June 28, 2006
CNSS/NSTISSI Mapping: n/a
Abstract:
This lab is designed primarily to expose students to the dangers of
man-in-the-middle or replay attacks in a Windows environment. Since replicating a
network environment and traffic is a prerequisite for this lab, they will also
receive hands-on experience with elementary network and routing design principles.
Requirements:
The requirements include using VMWare with Windows XP and two Microsoft Server
2003 installations. The software and tools required for this tutorial(s) are open source, freeware,
shareware, trial version or a combination thereof.
Download Man in the Middle Attack on Windows Systems (5,556.733 KB)
SHA1: eaddcc9ef80d506cac3889a707d514f3725f5dcc
Port Specification and Service Type Detection
Authors: Sudheendra Muppavarapu, Fall 2006
Revised by: Joel Nunes and Alessandro Seazzu, July 2007
CNSS/NSTISSI Mapping: n/a
Abstract:
This lab is designed to help students assess the operating condition of a Windows XP
system. This will be accomplished by using the network mapping scanner Nmap to
search for ports that could potentially be used to attack the system.
Requirements:
The lab uses the Windows XP operating system running on VMWare Workstation along
with hash creation software.
Download Port Specification and Service Type Detection (1,241.758 KB)
SHA1: 98693813350e2d9488ce8a6c132985f48e736160
Intro to Denial of Service Attack
Authors: Bandhi Chorh Khalsa, Fall 2004
Revised by: Jessica Dillinger, Patricia Watson and Joel Nunes, Summer 2005
Alessandro Seazzu, Fall 2006
CNSS/NSTISSI Mapping: n/a
Abstract:
This tutorial and attached lab will explain how a denial of service attack works.
This lab is designed to give you hands-on experience with a Denial of Service attack
tool – dosNuke, and a simple firewall to combat it by blocking incoming packets –
ZoneAlarm. We will simulate an environment where a single attacker is attacking you
via your IP address. We assume that both attacker and victim are connected
to the Internet.
Requirements:
The lab uses the Windows XP operating system running on VMWare Workstation along
with hash creation software.
This lab archive contains code that is considered malicious by most antivirus applications. It is strongly recommended that you store this file in an isolated test system away from any production environments.
Download Intro to Denial of Service Attack (10,021.305 KB)
SHA1: 694a03ea0adedf4d274efb7726dc3b4744ecdb65
SQL Injection
Authors: Eugene Rooney, July 2007
Revised by: Joel Nunes, Alessandro Seazzu, July 2007
CNSS/NSTISSI Mapping: n/a
Abstract:
This lab is designed to give you an introduction to SQL injection attacks and how you, as an
application programmer, can try to mitigate these types of problems.
Requirements:
The lab uses the Windows XP operating system running on VMWare Workstation along
with hash creation software.
Download SQL Injection Lab (43,570.727 KB)
SHA1: fb4ace0626010cc20e2175952d6fd12268319682
Contact Us
Alessandro Seazzu, Director
UNM Center for Information Assurance Research and Education
MSC05 3090
1 University of New Mexico
Albuquerque, NM 87131 - 0001
(505) 277-8451
alex@mgt.unm.edu
Steve Burd, Associate Director
UNM Center for Information Assurance Research and Education
MSC05 3090
1 University of New Mexico
Albuquerque, NM 87131 - 0001
(505) 277-6418
burd@mgt.unm.edu
Rich Brody, Associate Director
UNM Center for Information Assurance Research and Education
MSC05 3090
1 University of New Mexico
Albuquerque, NM 87131 - 0001
(505) 277-7258
brody@mgt.unm.edu
Accessing the Labs
To download the contents for the information assurance labs, please send an e-mail to ia@mgt.unm.edu with the name of the school where you teach or do research.