DoS attacks Programming Questions-Mercy College .

Project 6 Part 1 This project is intended to show you how DoS attacks are initiated and how to tell you are under attack. It should be confined to a controlled testing environment. Before proceeding with this project, start Wireshark as root and save the capture to a file named Project6. If your computer does not have hping installed, run it through “Kali-Linux”. hping is a command-line oriented TCP/IP packet assembler/analyzer. The interface is inspired to the ping(8) unix command, but hping isn’t only able to send ICMP echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the ability to send files between a covered channel, and many other features. You will use the results to see what happens when a node in your network is being subjected to a DoS attack. 1. In this part, you will launch a flood attack on a target machine, using standard pings to random ports.  You must be careful to note the time when you start the attack and run it for only 10 seconds.  Enter the following command (substituting the correct IP address as necessary): root@kali:~# hping3 -1 –flood 2. 2. Press Ctrl+C to end the torture. How many packets does hping report were transmitted and received? Part 2 The next attack is a half-open attack, which makes use of the standard TCP/IP three-way handshake. Recall that the three-way handshake requires the initiating machine to send a SYN packet. The receiving machine sends a SYN/ACK packet back, and the initiating machine sends a final ACK. A half-open attack sends a SYN but does not send back the final ACK. The victim sits waiting for a few seconds and finally clears the connection. If you send a large number of SYN packets, the victim can have its buffer filled with halfconnections, and this keeps legitimate traffic from getting through. 1. After noting the starting time, enter the following command (substituting an IP address) as the root user: root@kali:~# hping3 -SV 2. Press Ctrl+C to stop the attack. What statistics does hping report after 10 seconds of attacking the target machine? Part 3 Stop the Wireshark capture and view the Project6 file to see the results of the capture. Note the start and end of each attack in your log in Wireshark.  Record your steps in each part.