packets with no intention to complete the 3-way handshake protocol. They target thehalf open connection TCP queue and plan to fill it up with requests so that the serverfreezes. The server is busy in utilizing all its resources in receiving, storing the SYN packets andsending out ACK for those packets.
Here the SYN cookie mechanism is turned on,so the queue is cleared when the queue isabout to get full. Queue is not a necessity but only a performance improvement in the 3way handshake. So this is the reason why the request for a new telnet connection goesthrough though the SYN flooding attack is in progress.We then turn ofthe syn cookie mechanism at the server so that the SYN flooding attackis successful.Task 2: TCP RST Attacks on telnet and ssh Connections:First we establish a telnetconnection to the server and obtain the next sequence number of the packet so that we can spoof the RST packet.We get the next sequence number from the Wireshark capture of the telnet connection from the Observer and Server
Attacker: Then the attacker sends out TCP RST packets using the netwox tool with number 40. The attacker sends a spoofed RST packet as though its from the Server (10.0.2.2)to the Oberver (10.0.2.15)with the next sequence number obtained from the wireshark.Also used Scapy to conduct the TCP RST attack
The project is no full completed because there were so many errors. But I try to solve it and its still not working. I will definitely go through you on this project.