18-02-06

nothing as easy as an DDOS attack

from the description from a ddos tool spastic

It is a command line tool that requires a target's IP address. When a target IP address is entered, it generates a random IP address. It crafts a SYN packet that contains the random IP address as the source (spoofed IP address) and the target IP address as the destination. This routine runs continously until the program is terminated by a user.

In a typical exchange of information in the network, there should be a complete transaction. This is done with a the three-way handshake in TCP. This handshake is composed of the SYN, SYN/ACK, and ACK packets. When information exchange takes place, the source sends out a SYN packet, then the destination replies with the SYN/ACK packet, and finally, the source replies with an ACK packet.

In this case, since the source is a random IP address, it is possible that this IP address does not exist. Thus the handshake is never completed. When the target system recieves the SYN packet, it responds by sending the SYN/ACK packet, allocates a small resource for listening, and places this in a listening queue. The SYN/ACK packet is sent a number of times until a time out event occurs.

With the continuous sending of malcrafted SYN packets to the target, the target's resources is consumed until it crashes or until an unknown result occurs. µ

 

http://uk.trendmicro-europe.com/consumer/vinfo/encycloped...

 

http://www.antiserver.it/Denial-Of-Service/

15:32 Gepost door technology changes fast not a lot | Permalink | Commentaren (0) |  Facebook |

De commentaren zijn gesloten.