Denial of Service DoS Attacking Techniques

Added on  2019-09-13

Denial of Service Attacks

1 Preparation
2 Ping flood attack
3 Ping flood attack defense
4 SYN spoofing/flood attack
5 SYN spoofing/flood defense with firewalls
6 SYN spoofing/flood defense with SYN Cookies

Goal: In this project, we will observe how to prevent (slow down) legitimate access to a server using denial of service (DoS) attacking techniques.

1 Preparation

Turn off your firewall. Make certain that you have the vsftpd and httpd services running on your FC server by conducting an nmap scan (using the CLI) on the server machine. You should see ports 21/ftp and 80/http open. If the ports are not open, start these two services.

On your FC client, as root, type the following command: (3 points)

    # yum install hping*

From your Windows machine, open a web browser and type in the following: (3 points)

    http://FC_server_IP

Observe the time it takes to respond to your http request.

Start the command line prompt on your Windows machine and type the following:

    # ftp FC_server_IP

Observe the time it takes to respond to your ftp connection request. (3 points)

2 Ping flood attack

A ping flood is a simple DoS attack where the attacker overwhelms the victim's bandwidth with ICMP Echo Request (ping) packets. It is most effective when using the flood option of ping, which sends ICMP packets as fast as possible without waiting for replies. Most implementations of ping require the user to be privileged in order to specify the flood option. The attack is most successful if the attacker has more bandwidth than the victim (for instance, an attacker with a DSL line and the victim on a dial-up modem).

On your FC server, as root, start Wireshark by typing the following command:

    # wireshark &

Start data capture using the right network interface. (3 points)
We will launch the ping flooding attack from both the FC client and CentOS machines. From both your FC client and CentOS, as the root user, issue the following command: (6 points)

    # ping your_FCserver -i 0.001 -s 1500

2.1.1 Explain the meaning of this command (hint: man ping). (3 points)

Now back on your Windows machine, try to ftp into the server and reload the HTTP page. Observe the time it takes to answer your FTP and HTTP requests. (3 points)

2.1.2 Were you able to FTP into the server and reload the web page? Did you notice significant delay? Why? (3 points)

To get a more noticeable delay, you may need to get help from your fellow classmates. When there are more attackers, the delay should be larger.

2.1.3 Provide a screenshot of your Wireshark showing the ping flood attack. (3 points)

3 Ping flood attack defense

Many techniques have been proposed for preventing ping flood attacks. A simple one is to use your firewall to rate-limit pings.

On your FC server, as the root user, add the following firewall rules at the right location in the /etc/sysconfig/iptables file and make appropriate changes accordingly: (3 points)

    -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/minute --limit-burst 1 -j ACCEPT
    -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/minute --limit-burst 1 -j LOG --log-prefix PING-DROP:
    -A INPUT -p icmp -j DROP
    -A OUTPUT -p icmp -j ACCEPT

Hint: If you use Fedora 18-26, install iptables-services first.

3.1.1 Explain the meaning of these rules. (3 points)

After you have finished the modifications, restart the firewall service by typing: (2 points)

    # service iptables restart

Once again, launch the ping flooding attack from both the FC client and CentOS machines. (6 points)

3.1.2 Explain what happened. Did the ping rate limiting technique work? Why or why not? (3 points)
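The effect of the rate-limit rules in section 3 can be explored offline before testing on the server. The following is an added example, not part of the original handout: a simplified token-bucket model of the iptables `limit` match walked through the three INPUT rules in order. The class and function names are hypothetical and the traffic is constructed.

```python
# Simplified model of the iptables `limit` match (a token bucket) applied to
# the three INPUT rules from section 3. Times are integer milliseconds.
# Names here are hypothetical; this is not iptables code.

class LimitMatch:
    """--limit 1/<period> --limit-burst <burst> as a token bucket."""
    def __init__(self, period_ms, burst):
        self.cost = period_ms            # credit consumed per matching packet
        self.cap = burst * period_ms     # a full bucket holds `burst` matches
        self.credit = self.cap           # the bucket starts full
        self.prev = None                 # time this rule last saw a packet

    def matches(self, now_ms):
        if self.prev is not None:        # refill for the time that has passed
            self.credit = min(self.cap, self.credit + (now_ms - self.prev))
        self.prev = now_ms
        if self.credit >= self.cost:
            self.credit -= self.cost
            return True
        return False


def run_chain(arrivals_ms):
    """Walk echo-requests through ACCEPT(limit), LOG(limit), DROP in order."""
    accept_limit = LimitMatch(60_000, 1)   # rule 1: 1/minute, burst 1
    log_limit = LimitMatch(60_000, 1)      # rule 2: its own, separate bucket
    stats = {"accepted": 0, "logged": 0, "dropped": 0}
    for t in sorted(arrivals_ms):
        if accept_limit.matches(t):
            stats["accepted"] += 1
            continue                       # ACCEPT ends rule traversal
        if log_limit.matches(t):
            stats["logged"] += 1           # LOG does not end traversal
        stats["dropped"] += 1              # rule 3: -p icmp -j DROP
    return stats


# Constructed traffic: one echo-request per millisecond for two minutes
# (the -i 0.001 interval from section 2) and an ordinary 1-per-second ping.
flood = range(0, 120_000)
slow_ping = range(0, 120_000, 1_000)

if __name__ == "__main__":
    print("flood    :", run_chain(flood))
    print("slow ping:", run_chain(slow_ping))
    print("combined :", run_chain(list(flood) + list(slow_ping)))
```

The model shows two things to check against your Wireshark capture and system log: the bucket is shared by all senders rather than kept per source, and the LOG rule records only a small sample of the dropped packets.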

End of preview
