TCP Header: Urgent Flag + Pointer

Cl0ne
n00b
Posts: 1
Joined: Wed Dec 08, 2010 7:51 pm

TCP Header: Urgent Flag + Pointer

Post by Cl0ne » Wed Dec 08, 2010 8:18 pm

After learning more about the TCP header structure in class, it would appear the easiest way to bother / bring down a machine would be to spam it with basic TCP packets with the URG flag set and a nice large calculation on the URG pointer. I dunno if this is what DoS programs do as standard.

How would one go about creating packets to this effect? And how would you defend against an attack of this nature?

Cool_Fire
Not a sandwich
Posts: 1912
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d

Re: TCP Header: Urgent Flag + Pointer

Post by Cool_Fire » Fri Dec 10, 2010 2:17 pm

I don't think it'd be any more effective than flooding with any other packet.
As for the UrgPtr, as far as I know that just contains an offset rather than a calculation.

What DoS by packet flooding usually does is flood a machine with SYN packets. The receiving end will send back a SYN-ACK which the DoS program just ignores. (Or it spoofs the sender address, so it never receives it.) This way the machine will have a mass of half-open connections, which can cause it to get in trouble in a few ways.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.
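
On the defence side of the question, an added example that is not part of either post: it decodes the fixed TCP header to show the urgent pointer is a plain 16-bit offset field, and counts the half-open connections described in the reply from a list of observed segments. The function names, the segment tuple layout and all sample data are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

# Classic TCP flag bits in the low 6 bits of the offset/flags word (RFC 793).
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def parse_tcp_header(raw: bytes) -> dict:
    """Decode the fixed 20-byte TCP header; options are ignored."""
    if len(raw) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, window, _cksum, urg_ptr = struct.unpack(
        "!HHIIHHHH", raw[:20])
    flags = off_flags & 0x3F
    urg = bool(flags & URG)
    return {
        "sport": sport, "dport": dport, "seq": seq, "flags": flags,
        "urg": urg,
        "urg_ptr": urg_ptr,  # 16-bit offset, only interpreted when URG is set
        "stray_urg_ptr": urg_ptr != 0 and not urg,  # hypothetical anomaly check
    }

def half_open_by_target(segments) -> dict:
    """Count handshakes that saw a client SYN but no later ACK or RST.

    segments: iterable of (src, sport, dst, dport, flags) in capture order.
    """
    pending = set()
    for src, sport, dst, dport, flags in segments:
        key = (src, sport, dst, dport)
        if flags & SYN and not flags & ACK:
            pending.add(key)        # first step of the handshake
        elif flags & (ACK | RST) and not flags & SYN:
            pending.discard(key)    # handshake completed or aborted
    counts = defaultdict(int)
    for _src, _sport, dst, dport in pending:
        counts[(dst, dport)] += 1
    return dict(counts)

# Constructed sample data (documentation address ranges, checksum left at 0).
SAMPLE_HEADER = struct.pack("!HHIIHHHH", 40000, 80, 1000, 0,
                            (5 << 12) | URG | ACK, 8192, 0, 5)
SAMPLE_SEGMENTS = [
    ("192.0.2.1", 1111, "198.51.100.10", 80, SYN),
    ("198.51.100.10", 80, "192.0.2.1", 1111, SYN | ACK),
    ("192.0.2.1", 1111, "198.51.100.10", 80, ACK),   # completed handshake
    ("192.0.2.2", 2222, "198.51.100.10", 80, SYN),   # never answered
    ("192.0.2.3", 3333, "198.51.100.10", 80, SYN),
    ("192.0.2.4", 4444, "198.51.100.10", 80, SYN),
]
```

A monitor built on this would alert when the per-target count stays above a threshold chosen for the service; the threshold itself is site-specific and not given in the thread.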
