March 15th, 2004, 11:28 AM
IP spoofing tools...
Hi again everybody,
I need some advice on a class assignment. I've chosen to write about TCP/SYN flooding
in the DOS category, and part of the assignment is to identify some of the tools used by
attackers. I understand the SYN/ACK three-way handshake within the TCP/IP stack.
After some extensive reading on the web, I'm a bit overloaded with information.
Just researching the mechanisms of creating agents and zombies left me spinning.
I just left www.insecure.org, after browsing over the appr. 75 networking tools posted.
My question centers mainly around which tools allows for the altering of the source IP address,
the technique (IP address spoofing), often associated with SYN/ACK flooding.
So far I believe to have identified these tools:
Netcat; Nemesis; Pakettu Keiretsu; Fragroute.
My paper is due tommorrow evening. Are any of these tools applicable?
If I had more time, I'm sure to figure it out, but still have to research part 2 "Network Access", of the assignment.
You know, how you want to save the world, and then find out one has bitten off more than one can chew.
I'll dish out lots of points for help,LOL
Thankx in advance
March 15th, 2004, 11:38 AM
Oh well, I just did one more search on Google and seem to have used the correct syntax to my question this time. I'm good now.
March 15th, 2004, 11:39 AM
March 15th, 2004, 03:54 PM
re: packet injection and IP spoofing
On *nix, I personally prefer Hping. You can downlaod it here and read all about it's features:
Ego is the great Logic killer
March 15th, 2004, 08:18 PM
It'll redirect you to it's correct site.
Best port scanner made.
\"If knowledge is power. Why doesn\'t everybody read?\"
March 15th, 2004, 10:58 PM
If the next part of you class will be actually building your own packets, here's a basic guide using libnet to get you started. And who knows you might want to continue on and build the next netcat.
March 15th, 2004, 11:34 PM
Thanx so much. I have downloaded NMap and PacketCrafter(www.Komedia.com) so far and used screen shots of them in my paper. Hopefully I'll have some time to browse the others you have suggested later in the week. So for now its back to writing about 'root-kits'.
I am so tired....
March 16th, 2004, 12:00 AM
I'd recommend hping. It's a pretty complete packet generator, allowing you to modify most portions of the packet from the IP protocol on down.