As promised, this post will explain in more details how to set up ‘Bees with Machine Guns’. This tool is invaluable on my arsenal for testing web server or cluster of web servers handling load in the form bunch or swarm I can say HTTP requests. I am using this tool the test ELB, Auto Scaling and High Availability Test as well.
What do we require ?
Bees ? AK47 ? Fortunately, We only need: AWS account with ability to create instances, account’s Access Key and Secret Key, Private Key used to deploy instances. Those are the basic requirements. On top of that, We need Ubuntu AMI, Minimum Boto 2.8 and paramiko 1.10
- Deploy Ubuntu AMI
- Create and Associate an Elastic IP to the instance . ‘ssh’ / ‘Putty’ for windows user to the system with username: ‘ubuntu’
- run `sudo apt-get install python-paramiko git`
- run `cd /tmp; git clone git://github.com/newsapps/beeswithmachineguns.git`
- run `cd beeswithmachineguns; sudo python setup.py install`
- Create .boto config file and place it on /home/ubuntu/
Use your AWS Access Key and Secret Key https://portal.aws.amazon.com/gp/aws/securityCredentials
Content of your .boto config file below:[Credentials]
#ec2_region_name = us-east-1
#ec2_region_endpoint = us-east-1.ec2.amazonaws.com
- Copy your .pem file used in your instances to /home/ubuntu/.ssh /
Note : Go to your security group on EC2 Dashboard to ensure SSH access is allowed from this Linux Instance to the ‘default’ security group in the region (by default us-east-1, can be changed in the .boto file
Mobilize your Bees and Attack :
- SSH to the ‘bees-controller’ instance that you created a while ago
- run `bees up -s 4 -k myprivatekey (-s is the number of BEE micro instances)`
- Go to your EC2 Dashboard and check if the BEE instances were created in this region, they are all named ‘a bee!’, one micro instance for each bee.
- Attack a site with: `bees attack -n 10000 -c 400 -k myprivatekey -u http://www.mynoobsite.com/`
- You should notice http traffic hitting the server hosting this website
- Shut Down Bees micro instances when complete with the ‘bees down’ command
Launching ‘ Bees with Machine Guns ‘ means launching DDOS attack. Any DDOS attack will face legal action. This tool only can be used for testing purposes.