Hi again everybody,

I need some advice on a class assignment. I've chosen to write about TCP/SYN flooding
in the DOS category, and part of the assignment is to identify some of the tools used by
attackers. I understand the SYN/ACK three-way handshake within the TCP/IP stack.
After some extensive reading on the web, I'm a bit overloaded with information.
Just researching the mechanisms of creating agents and zombies left me spinning.

I just left www.insecure.org, after browsing over the appr. 75 networking tools posted.
My question centers mainly around which tools allows for the altering of the source IP address,
the technique (IP address spoofing), often associated with SYN/ACK flooding.

So far I believe to have identified these tools:

Netcat; Nemesis; Pakettu Keiretsu; Fragroute.

My paper is due tommorrow evening. Are any of these tools applicable?
If I had more time, I'm sure to figure it out, but still have to research part 2 "Network Access", of the assignment.
You know, how you want to save the world, and then find out one has bitten off more than one can chew.

I'll dish out lots of points for help,LOL

Thankx in advance