DETER SEER Wiki

The Security Experimentation EnviRonment (SEER) is a set of tools and agents that help an experimenter set up, script and perform experiments in the DETER environment. It includes agents for traffic generation, attack generation, traffic collection and analysis. SEER provides:

  • an extensible Java GUI interface
  • a module system for adding your own agents, collectors, aggregators or services
  • a module/software dependency setup with building and caching of 3rd party software

SEER makes extensive use of other great open source software including:

Software

Up next - support for the OpenVZ virtual nodes, templates, auto tool wrapping

Beta 5 adds Jython support, finalizes some interfaces for extending the GUI from jars in the experiment, and restores support for the WINXP-UPDATE image.

Beta 4 releases other agents from 1.5 such as IRC, Perf analysis, etc., adds some new context help for the controls, and includes a fix for the SSL issues.

Beta 3 fixes some backend bugs, offers some logging options in the GUI to help with SSL debugging, and enables the Geo module in the GUI.

Beta 2 fixes setup on FreeBSD machines and updates control types for agent definitions.

There are two software components to the SEER tools: the desktop GUI and the backend that is extracted on experiment nodes. The backend setup script is found on the DETER fileserver at /share/seer/v160/experiment-setup.py. It requires at least one module or group name argument so that some functionality is loaded.

The current development tree can be checked out at:

  • svn co http://seer.isi.deterlab.net/svn/code/trunk

Browse the source (GUI shortcut).

HOWTO

  1. HOWTO Setup An Experiment With SEER

Documentation

GUI - Webstart

Systems With Cached Software Builds

  • Linux-redhat4-i686 (FC4-STD)
  • Linux-redhat6-i686 (FC6-STD)
  • Linux-redhat8-i686 (FC8-STD)
  • Linux-fedora8-i686 (OPENVZ-STD)
  • Linux-debianlennysid-i686 (Ubuntu804-STD)
  • FreeBSD-4.10-RELEASE-i386 (FBSD410-STD)
  • FreeBSD-6.2-STABLE-i386 (FBSD62-STD)
  • FreeBSD-7.1-PRERELEASE-i386 (FBSD7-STD)
  • CYGWIN_NT-5.1-xp-i686 (WINXP-UPDATE)

On images without cached builds, the setup process will take longer and some software may fail to build; such failures should be displayed in the ExpInfo tab. If the software that failed includes m2crypto, the GUI will still be able to connect to DETER but not to the experiment itself, and you must look in /local/logs on the control node to see what failed.

To cache software built during setup, add -d <directory> to the experiment-setup command in your NS file. If the directory is writable from the experiment, built software will be cached there. If the directory is readable, it will be searched for cached software in addition to the directory from which experiment-setup.py was started.

Help