*Note:
Attackers commonly look for routers that do not filter broadcast addresses,
which fits this attack perfectly. Security Administrators should always be
aware of traffic flowing through the routers on their networks.
Denial-of-Service (DoS)
Lab 93: Denial-of-Service - SYN Attack
DoS Land Attack: SYN Attack
Prerequisites: None
Countermeasures: Secure ACLs, Bastion servers/workstations
Description: When an attacker sends a series of SYN requests with a
"spoofed" source IP address to a target (victim), the target sends a SYN
Acknowledge (ACK) in response and waits for an ACK to come back
to complete the session setup. Because the source was "spoofed," the
response never comes, filling the victim's memory buffers so that it
can no longer accept legitimate requests.
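A defender's check for the half-open pattern described above, added here as an example that is not from the book: it walks constructed packet records, such as a sniffer export might provide, and counts SYNs per target that are never completed by a final ACK. The record layout, the victim address 10.0.0.5, and the alert threshold of 100 are assumptions.

```python
from collections import defaultdict

# Constructed sample capture: (time_s, src_ip, src_port, dst_ip, dst_port, tcp_flags)
# 10.0.0.5 is a hypothetical victim; 100.100.100.100:123 is the spoofed source
# used in the lab. Flags: "S" = SYN, "SA" = SYN+ACK, "A" = ACK.
SAMPLE = [
    (0.00, "10.0.0.20", 40000, "10.0.0.5", 80, "S"),   # legitimate client SYN
    (0.01, "10.0.0.5", 80, "10.0.0.20", 40000, "SA"),  # server answers
    (0.02, "10.0.0.20", 40000, "10.0.0.5", 80, "A"),   # handshake completed
] + [
    # SYNs from the spoofed source; no final ACK ever follows them
    (0.10 + i * 0.001, "100.100.100.100", 123, "10.0.0.5", 80, "S")
    for i in range(200)
]


def unanswered_syns(packets):
    """Return {(dst_ip, dst_port): number of SYNs never completed by a final ACK}."""
    pending = defaultdict(int)  # client flow -> SYNs still awaiting completion
    synack_seen = set()         # client flows the server has answered
    for _t, src, sport, dst, dport, flags in packets:
        if flags == "S":
            pending[(src, sport, dst, dport)] += 1
        elif flags == "SA":
            # The SYN+ACK travels server -> client, so reverse it to the client flow key.
            synack_seen.add((dst, dport, src, sport))
        elif flags == "A":
            flow = (src, sport, dst, dport)
            if flow in synack_seen:  # third step of the handshake
                pending.pop(flow, None)
                synack_seen.discard(flow)
    totals = defaultdict(int)
    for (_src, _sport, dst, dport), count in pending.items():
        totals[(dst, dport)] += count
    return dict(totals)


def flooded_targets(packets, threshold=100):
    """Targets whose unanswered-SYN count reaches the (assumed) alert threshold."""
    return sorted(t for t, n in unanswered_syns(packets).items() if n >= threshold)


if __name__ == "__main__":
    print(unanswered_syns(SAMPLE))
    print(flooded_targets(SAMPLE))
```
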
Procedure: Install RafaleX, set parameters, and execute against the target.
Verify with the packet sniffer.
Install the RafaleX application as outlined in Lab 48.
Install the Ethereal application as outlined in Lab 41.
Open the Ethereal application and start capturing data (refer to Lab 41).
Open the RafaleX application by clicking on the RafaleX.exe icon.
The RafaleX application will start.
Practical Hacking Techniques and Countermeasures
Set the Source IP address to a spoofed IP address (100.100.100.100). Set the Source Port to 123.
Set the Destination IP address to the target IP address.