def __init__(self, debug=False, interface=None):
    """
    Build one detection-rule object per supported attack type.

    Args:
        debug (bool): Forwarded unchanged to every rule object; the
            original documentation describes it as "log on terminal
            or not".
        interface (str): Name of the interface to monitor. Only the
            SSIDSpoof rule receives it.

    Raises:
        Nothing is raised here directly; an exception from any of the
        constructors below propagates to the caller.

    Returns:
        None
    """
    # Rules listed ahead of the wireless group.
    self.arp_spoof = ARPCache(debug=debug)
    self.cam_attack = CAM(debug=debug)
    self.dhcp = DHCP(debug=debug)
    self.ping_of_death = PingOfDeath(debug=debug)
    self.land_attack = LandAttack(debug=debug)
    self.ddos = DDoS(debug=debug)
    self.syn_flood = SynFlood(debug=debug)
    self.dns_amp = DNS_Amplification(debug=debug)
    self.bgp_abuse = BGP_Abuse(debug=debug)

    # Wireless rules. SSIDSpoof is the only one bound to an interface.
    # NOTE(review): interface defaults to None -- confirm SSIDSpoof
    # handles a missing interface rather than silently monitoring nothing.
    self.deauth = Deauth(debug=debug)
    self.fake_access = FakeAccessPoint(debug=debug)
    self.hidden_node = HiddenNode(debug=debug)
    self.ssid_spoof = SSIDSpoof(debug=debug, interface=interface)
class TestPingOfDeath(unittest.TestCase):
    """
    Unit tests for the SecureTea IDS PingOfDeath attack detection rule.
    """

    def setUp(self):
        """
        Build one benign and one oversized ICMP packet plus the detector.
        """
        small_payload = "*"
        # The payload alone is 65535 bytes, so with the IP and ICMP
        # headers the datagram is larger than the 65535-byte IPv4
        # total-length limit.
        oversized_payload = "*" * 65535

        # The original comments put the size threshold at 60000; that
        # constant lives in PingOfDeath and is not visible here.
        # Packet with load < 60000
        self.pkt1 = (
            scapy.IP(src="192.168.0.1")
            / scapy.ICMP()
            / scapy.Raw(load=small_payload)
        )
        # Packet with load > 60000 (attack)
        self.pkt2 = (
            scapy.IP(src="192.168.0.1")
            / scapy.ICMP()
            / scapy.Raw(load=oversized_payload)
        )

        # Detector under test, built with its default arguments.
        self.ping_of_death = PingOfDeath()

    @patch.object(OSINT, "perform_osint_scan")
    @patch.object(SecureTeaLogger, 'log')
    def test_detect(self, mock_log, mck_osint):
        """
        detect() logs nothing for the small packet and a warning for
        the oversized one.
        """
        # Patched so the real perform_osint_scan is never invoked.
        mck_osint.return_value = True

        # Case 1: the benign packet must not produce any log call.
        self.ping_of_death.detect(self.pkt1)
        self.assertFalse(mock_log.called)

        # Case 2: the oversized packet must produce a warning that
        # names the source address taken from the packet.
        self.ping_of_death.detect(self.pkt2)
        msg = (
            "Possible ping of death attack detected "
            "from: 192.168.0.1"
        )
        mock_log.assert_called_with(msg, logtype="warning")
class R2LEngine(object):
    """Owns one instance of each detection rule and feeds packets to them."""

    def __init__(self, debug=False, interface=None):
        """
        Build one detection-rule object per supported attack type.

        Args:
            debug (bool): Forwarded unchanged to every rule object; the
                original documentation describes it as "log on
                terminal or not".
            interface (str): Name of the interface to monitor. Only the
                SSIDSpoof rule receives it.

        Raises:
            Nothing is raised here directly; an exception from any of
            the constructors below propagates to the caller.

        Returns:
            None
        """
        # Rules listed ahead of the wireless group.
        self.arp_spoof = ARPCache(debug=debug)
        self.cam_attack = CAM(debug=debug)
        self.dhcp = DHCP(debug=debug)
        self.ping_of_death = PingOfDeath(debug=debug)
        self.land_attack = LandAttack(debug=debug)
        self.ddos = DDoS(debug=debug)
        self.syn_flood = SynFlood(debug=debug)

        # Wireless rules. SSIDSpoof is the only one bound to an interface.
        self.deauth = Deauth(debug=debug)
        self.fake_access = FakeAccessPoint(debug=debug)
        self.hidden_node = HiddenNode(debug=debug)
        self.ssid_spoof = SSIDSpoof(debug=debug, interface=interface)

    def run(self, pkt):
        """
        Hand a single packet to every rule, one after another.

        Args:
            pkt (scapy_object): Packet to dissect and observe

        Raises:
            Nothing is raised here directly. There is no exception
            handling in this method, so an exception escaping any rule
            propagates to the caller and the rules after it never see
            this packet.

        Returns:
            None
        """
        # NOTE(review): "proces_packet" is spelled exactly as called in
        # the original; presumably it matches the ARPCache method name.
        self.arp_spoof.proces_packet(pkt)
        self.cam_attack.detect_cam(pkt)
        self.dhcp.detect_dhcp(pkt)
        # Call order differs from construction order: the land-attack
        # rule runs before the ping-of-death rule here.
        self.land_attack.detect_land_attack(pkt)
        self.ping_of_death.detect(pkt)
        self.ddos.classify_ddos(pkt)
        self.syn_flood.detect_syn_flood(pkt)

        # Wireless
        self.deauth.detect_deauth(pkt)
        self.fake_access.detect_fake_ap(pkt)
        self.hidden_node.detect_hidden_node(pkt)
        # NOTE(review): start_process() takes no packet yet is invoked
        # once per packet -- confirm that is intended and inexpensive.
        self.ssid_spoof.start_process()
def setUp(self):
    """
    Build one benign and one oversized ICMP packet plus the detector.
    """
    small_payload = "*"
    # The payload alone is 65535 bytes, so with the IP and ICMP headers
    # the datagram is larger than the 65535-byte IPv4 total-length limit.
    oversized_payload = "*" * 65535

    # The original comments put the size threshold at 60000; that
    # constant lives in PingOfDeath and is not visible here.
    # Packet with load < 60000
    self.pkt1 = (
        scapy.IP(src="192.168.0.1")
        / scapy.ICMP()
        / scapy.Raw(load=small_payload)
    )
    # Packet with load > 60000 (attack)
    self.pkt2 = (
        scapy.IP(src="192.168.0.1")
        / scapy.ICMP()
        / scapy.Raw(load=oversized_payload)
    )

    # Detector under test, built with its default arguments.
    self.ping_of_death = PingOfDeath()