CYBE231 Lab 9 - The Internet of Things , Malware, and the Joy of Botnets

In this lab we took at how Internet of Things devices can often be highly vulnerable devices that are not properly configured or monitored. Specifically we took a look at the Mirari malware that and used to infect a network of simulated IoT devices to create our own mini-botnet. We showed how these devices often got exposed to the public facing internet with the default credentials still on them, allowing them to be infected and spread the malware to other devices.

After infecting the devices that we were given. We launched a SYN flood attack against a system where all the devices would start a large number of TCP handshakes then not respond in an attempt to overwhelm the network capacity of the device. To finish off the lab we had to launch another attack, and describe what it was doing. I choose a UDP flood attack where the devices would flood many ports with UDP packets in an attempt to overwhelm the device again. Then we had to remediate the devices which was as simple to changing the passwords to be significantly more difficult than the default passwords.