.

Active Detection on SYN Flooding attacks

<<

tsot

User avatar

Newbie
Newbie

Posts: 3

Joined: Mon Nov 28, 2011 5:02 pm

Location: Greece

Post Mon Nov 28, 2011 5:24 pm

Active Detection on SYN Flooding attacks

Hello,
This is my first post, so, hello everyone. I have a homework about the above subject and some help with ip spoofing and changing the tcp header would be very helpful. My homework is based on this paper http://www.utdallas.edu/~edsha/papers/bin/synflood.pdf.
Thanks in advance
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Mon Nov 28, 2011 5:33 pm

Re: Active Detection on SYN Flooding attacks

Can you show/explain what you have achieved so far by yourself?
<<

tsot

User avatar

Newbie
Newbie

Posts: 3

Joined: Mon Nov 28, 2011 5:02 pm

Location: Greece

Post Fri Dec 02, 2011 7:08 am

Re: Active Detection on SYN Flooding attacks

I haven't started the development. I am reading some papers. So, far i have reached to the plan as follows:
I am going to install an HTTP server (Apache maybe) and i am going to make some Syn Flood attacks from "spoofed ips" (i am going to use a VM) to the Server. Also i'll add a TTL (time to live) value on the Header of the (three-way-handshake) tcp protocol, also i'll create an algorithm that will manage the ttl+i, the hops and the icmp replies. Anyway, i need some help, or better some recommendations on papers about the issues that i mentioned on my first post. Also, some advises on how to achieve a congested network.
Thanks
<<

hurtl0cker

User avatar

Jr. Member
Jr. Member

Posts: 73

Joined: Thu Nov 18, 2010 10:09 am

Location: WWW

Post Mon Dec 05, 2011 12:51 pm

Re: Active Detection on SYN Flooding attacks

Scapy is a sophisticated packet crafting tool that will come handy for a SYN flooding attak part. Scapy is really flexible when it comes to packet manipulation,you can literally change any field of a packet.
“Knowing is not enough; we must apply. Willing is not enough: we must do.”
- Bruce Lee
<<

tsot

User avatar

Newbie
Newbie

Posts: 3

Joined: Mon Nov 28, 2011 5:02 pm

Location: Greece

Post Fri Dec 09, 2011 8:16 pm

Re: Active Detection on SYN Flooding attacks

Thanks hurtl0cker, i am thinking to use raw sockets.

Return to Other

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software