Lab Manual
Denial of Service
Module 10
Module 10 - Denial of Service
Denial of Service
Denial of Service (DoS) is an attack on a computer or network that prevents legitimate use of its resources.
Lab Scenario
In computing, a denial-of-service attack (DoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the efforts of one or more people to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. The term is generally used relating to computer networks, but is not limited to this field; for example, it is also used in reference to CPU resource management. One common method of attack involves saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload. Denial-of-service attacks can essentially disable your computer or your network. DoS attacks can be lucrative for criminals; recent attacks have shown that DoS attacks are a way for cyber criminals to profit.
As an expert ethical hacker or security administrator of an organization, you should have sound knowledge of how denial-of-service and distributed denial-of-service attacks are carried out, to detect and neutralize attack handlers, and to mitigate such attacks.
Lab Objectives
The objective of this lab is to help students learn to perform DoS attacks and to test network for DoS flaws.
In this lab, you will:
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
Lab Environment
To carry out this, you need:
- A computer running Windows Server 2008
- Windows XP/7 running in virtual machine
- A web browser with Internet access
- Administrative privileges to run tools
Lab Duration
Time: 60 Minutes
Overview of Denial of Service
Denial-of-service (DoS) is an attack on a computer or network that prevents legitimate use of its resources. In a DoS attack, attackers flood a victim's system with illegitimate service requests or traffic to overload its resources and prevent it from performing intended tasks.
Lab Tasks
Overview
Pick an organization that you feel is worthy of your attention. This could be an educational institution, a commercial company, or perhaps a nonprofit charity.
Recommended labs to assist you in denial of service:
- SYN flooding a target host using hping3
- HTTP flooding using DoSHTTP
Lab Analysis
Analyze and document the results related to the lab exercise. Give your opinion on your target's security posture and exposure.
PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.
SYN Flooding a Target Host Using hping3
Lab Scenario
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic. A SYN flood attack works by not responding to the server with the expected ACK code. The malicious client can either simply not send the expected ACK, or by spoofing the source IP address in the SYN, cause the server to send the SYN-ACK to a falsified IP address, which will not send an ACK because it "knows" that it never sent a SYN. The server will wait for the acknowledgement for some time, as simple network congestion could also be the cause of the missing ACK, but in an attack increasingly large numbers of half-open connections will bind resources on the server until no new connections can be made, resulting in a denial of service to legitimate traffic. Some systems may also malfunction badly or even crash if other operating system functions are starved of resources in this way.
As an expert ethical hacker or security administrator of an organization, you should have sound knowledge of denial-of-service and distributed denial-of-service attacks and should be able to detect and neutralize attack handlers. You should use SYN cookies as a countermeasure against the SYN flood which eliminates the resources allocated on the target host.
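The SYN-cookie countermeasure named above, as an added example that is not part of the original lab manual: the server packs a time counter, an MSS index and a keyed hash into the SYN-ACK sequence number and allocates nothing until a valid ACK comes back. This is a simplified construction, not the exact layout of any particular operating system; the secret, bit layout, MSS table and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

SECRET = b"constructed-demo-key"      # assumption: a real stack uses a random per-boot key
MSS_TABLE = [536, 1300, 1440, 1460]   # assumption: four MSS values, so the index fits 2 bits
COUNTER_BITS, MSS_BITS = 5, 2         # assumption: 5-bit time counter, 2-bit MSS index
MAC_BITS = 32 - COUNTER_BITS - MSS_BITS
SLOT_SECONDS = 64                     # the counter advances once per slot


def _mac(src, sport, dst, dport, client_isn, counter):
    """Keyed hash over the 4-tuple, the client's ISN and the time counter."""
    msg = f"{src}:{sport}>{dst}:{dport}".encode()
    msg += struct.pack("!II", client_isn, counter)
    digest = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") & ((1 << MAC_BITS) - 1)


def make_cookie(src, sport, dst, dport, client_isn, client_mss, now):
    """Build the server ISN for the SYN-ACK. Nothing is stored per connection."""
    counter = (now // SLOT_SECONDS) % (1 << COUNTER_BITS)
    # Largest table entry that does not exceed the client's MSS (index 0 as floor).
    mss_idx = max(i for i, m in enumerate(MSS_TABLE) if m <= client_mss or i == 0)
    mac = _mac(src, sport, dst, dport, client_isn, counter)
    return (counter << (MSS_BITS + MAC_BITS)) | (mss_idx << MAC_BITS) | mac


def check_cookie(src, sport, dst, dport, seq, ack, now, max_age_slots=2):
    """Validate the handshake's final ACK segment.

    Returns the MSS to use for the new connection, or None when the
    acknowledgement number is not a cookie this server issued recently.
    """
    client_isn = (seq - 1) & 0xFFFFFFFF
    cookie = (ack - 1) & 0xFFFFFFFF
    counter = cookie >> (MSS_BITS + MAC_BITS)
    mss_idx = (cookie >> MAC_BITS) & ((1 << MSS_BITS) - 1)
    mac = cookie & ((1 << MAC_BITS) - 1)
    current = (now // SLOT_SECONDS) % (1 << COUNTER_BITS)
    if (current - counter) % (1 << COUNTER_BITS) > max_age_slots:
        return None                   # too old: replayed or stale cookie
    expected = _mac(src, sport, dst, dport, client_isn, counter)
    if not hmac.compare_digest(mac.to_bytes(4, "big"), expected.to_bytes(4, "big")):
        return None                   # forged: sender never saw our SYN-ACK
    return MSS_TABLE[mss_idx]         # only now would the server allocate state
```

A spoofed source never receives the SYN-ACK, so it cannot echo a valid cookie, and the half-open queue described above is never filled.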
Lab Objectives
The objective of this lab is to help students learn to perform denial-of-service attacks and test the network for DoS flaws.
In this lab, you will:
Lab Environment
To carry out the lab, you need:
- A computer running Windows 7 as victim machine
- BackTrack 5 r3 running in virtual machine as attacker machine
- Wireshark is located at D:\CEH-Tools\CEHv8 Module 08 Sniffing\Sniffing Tools\Wireshark
Lab Duration
Time: 10 Minutes
Overview of hping3
hping3 is a network tool able to send custom TCP/IP packets and to display target replies like a ping program does with ICMP replies. hping3 handles fragmentation, arbitrary packet body and size, and can be used in order to transfer files encapsulated under supported protocols.
Lab Tasks
Flood SYN Packet
1. Launch BackTrack 5 r3 on the virtual machine.
2. Launch the hping3 utility from the BackTrack 5 r3 virtual machine. Select BackTrack Menu -> Backtrack -> Information Gathering -> Network Analysis -> Identify Live Hosts -> Hping3.
Type only hping3 without any argument. If hping3 was compiled with Tcl scripting capabilities, you should see a prompt.
3.
[Screenshot: BackTrack terminal showing hping3 help output, including the TCP flag options (set SYN, RST, PUSH, ACK and URG flags), traceroute mode options and ARS packet description options]
4.
First, type a simple command and see the result: #hping3.0.0-alpha1> hping resolve www.google.com 66.102.9.104.
The hping3 command should be called with a subcommand as a first argument and additional arguments according to the particular subcommand.
5.
root@bt:~# hping3 -S 10.0.0.11 -a 10.0.0.13 -p 22 --flood
HPING 10.0.0.11 (eth0 10.0.0.11): S set, 40 headers + 0 data
hping in flood mode, no replies will be shown
In the previous command, 10.0.0.11 (Windows 7) is the victim's machine IP address, and 10.0.0.13 (BackTrack 5 r3) is the attacker's machine IP address.
The hping resolve command is used to convert a hostname to an IP address.
6.
7.
hping3 was mainly used as a security tool in the past. It can be used in many ways by people who don't care for security to test networks and hosts. A subset of the things you can do using hping3:
- Firewall testing
- Advanced port scanning
- Network testing, using various protocols, TOS, fragmentation
- Manual path MTU discovery
- Advanced traceroute, under all the supported protocols
- Remote OS fingerprinting
- Remote uptime guessing
- TCP/IP stacks auditing
[Screenshot: Wireshark capture showing repeated 54-byte TCP [SYN] packets, source 10.0.0.13, destination 10.0.0.11, destination port ssh (22)]
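One way to turn a capture like the one above into a detection, as an added example that is not part of the original lab manual: count the half-open connections per service (SYN seen, no ACK from the client yet) and flag services whose count passes a threshold. The packet tuples are constructed sample data modelled on the capture; the function names, timeout and threshold are assumptions.

```python
from collections import defaultdict


def sample_capture():
    """Constructed packets: (time_ms, src_ip, src_port, dst_ip, dst_port, flags).

    Modelled on the lab capture: a run of SYNs to 10.0.0.11:22 that are never
    acknowledged, plus one client that completes a handshake on port 80.
    """
    pkts = [(i, "10.0.0.13", 53620 + i, "10.0.0.11", 22, "S") for i in range(200)]
    pkts += [
        (50, "10.0.0.10", 57281, "10.0.0.11", 80, "S"),
        (51, "10.0.0.11", 80, "10.0.0.10", 57281, "SA"),
        (52, "10.0.0.10", 57281, "10.0.0.11", 80, "A"),
    ]
    return sorted(pkts)


def find_syn_floods(packets, timeout_ms=3000, threshold=100):
    """Return {(dst_ip, dst_port): peak half-open count} for flooded services.

    A connection is half-open from its SYN until the client's ACK (or RST)
    arrives, or until timeout_ms passes, which is when a server would drop it.
    Packets must be sorted by time.
    """
    pending = {}                      # (src, sport, dst, dport) -> SYN time
    half_open = defaultdict(int)      # (dst, dport) -> current half-open count
    peak = defaultdict(int)
    for t, src, sport, dst, dport, flags in packets:
        # dicts keep insertion order, so the oldest SYN is always first
        while pending:
            oldest = next(iter(pending))
            if t - pending[oldest] <= timeout_ms:
                break
            del pending[oldest]
            half_open[oldest[2:]] -= 1
        conn, service = (src, sport, dst, dport), (dst, dport)
        if flags == "S" and conn not in pending:
            pending[conn] = t
            half_open[service] += 1
            peak[service] = max(peak[service], half_open[service])
        elif flags in ("A", "R") and conn in pending:
            del pending[conn]         # handshake completed or aborted
            half_open[service] -= 1
    return {svc: n for svc, n in peak.items() if n > threshold}
```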
Lab Analysis
Document all the results gathered during the lab.
Tool/Utility: hping3
Information Collected/Objectives Achieved: SYN packets observed over flooding the resources in victim machine
PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.
Lab
HTTP Flooding Using DoSHTTP
DoSHTTP is an HTTP flood denial-of-service (DoS) testing tool for Windows. DoSHTTP includes port designation and reporting.
Lab Scenario
HTTP flooding is an attack that uses enormous useless packets to jam a web server. In this paper, we use hidden semi-Markov models (HSMM) to describe Web browsing patterns and detect HTTP flooding attacks. We first use a large number of legitimate request sequences to train an HSMM model and then use this legitimate model to check each incoming request sequence. Abnormal Web traffic whose likelihood falls into unreasonable range for the legitimate model would be classified as potential attack traffic and should be controlled with special actions such as filtering or limiting the traffic. Finally we validate our approach by testing the method with real data. The result shows that our method can detect the anomaly web traffic effectively.
In the previous lab you learned about SYN flooding using hping3 and the countermeasures that can be implemented to prevent such attacks. Another method that attackers can use to attack a server is by using the HTTP flood approach. As an expert ethical hacker and penetration tester, you must be aware of all types of hacking attempts on a web server. For HTTP flooding attack you should implement an advanced technique known as tarpitting, which once established successfully will set connections window size to few bytes. According to TCP/IP protocol design, the connecting device will initially only send as much data to target as it takes to fill the window until the server responds. With tarpitting, there will be no response back to the packets for all unwanted HTTP requests, thereby protecting your web server.
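The likelihood-based detection described in the scenario, as an added example that is not part of the original lab manual: a first-order Markov chain over requested pages stands in for the hidden semi-Markov model the text mentions, which is a deliberate simplification. It is trained on legitimate sessions and flags any session whose average log-likelihood falls below the range seen in training. The sessions, URL paths, margin and function names are constructed assumptions.

```python
import math
from collections import defaultdict

START = "<start>"


def train(sequences):
    """Count page-to-page transitions in legitimate browsing sessions."""
    counts = defaultdict(lambda: defaultdict(int))
    vocab = set()
    for seq in sequences:
        prev = START
        for page in seq:
            counts[prev][page] += 1
            vocab.add(page)
            prev = page
    return counts, vocab


def avg_log_likelihood(model, seq, alpha=1.0):
    """Mean log P(page | previous page) under the model, add-alpha smoothed."""
    counts, vocab = model
    v = len(vocab) + 1                # one extra slot for pages never seen
    total, prev = 0.0, START
    for page in seq:
        row = counts.get(prev, {})
        total += math.log((row.get(page, 0) + alpha) / (sum(row.values()) + alpha * v))
        prev = page
    return total / max(len(seq), 1)


def fit_threshold(model, sequences, margin=0.5):
    """Lowest score any training session gets, minus a safety margin."""
    return min(avg_log_likelihood(model, s) for s in sequences) - margin


def classify(model, threshold, seq):
    """Label a session by comparing its score with the trained threshold."""
    return "attack" if avg_log_likelihood(model, seq) < threshold else "legitimate"


# Constructed sample sessions (URL paths are hypothetical).
LEGIT = [
    ["/", "/products", "/products/1", "/cart"],
    ["/", "/about"],
    ["/", "/products", "/cart", "/checkout"],
    ["/", "/products", "/products/1"],
]
FLOOD = ["/"] * 50                    # one URL requested over and over
BROWSE = ["/", "/products", "/cart"]  # unseen but plausible session

MODEL = train(LEGIT)
THRESHOLD = fit_threshold(MODEL, LEGIT)
```

Sessions classified as "attack" are the ones to hand to the filtering, limiting or tarpitting actions the scenario describes.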
Lab Objectives
The objective of this lab is to help students learn HTTP flooding denial-of-service (DoS) attack.
Lab Environment
To carry out this lab, you need:
- DoSHTTP tool located at D:\CEH-Tools\CEHv8 Module 10 Denial-of-Service\DDoS Attack Tools\DoSHTTP
- You can also download the latest version of DoSHTTP from the link http://www.socketsoft.net/
- If you decide to download the latest version, then screenshots shown in the lab might differ
- A computer running Windows Server 2012 as host machine
- Windows 7 running
Lab Duration
Time: 10 Minutes
Overview of DoSHTTP
DoSHTTP is an HTTP flood denial-of-service (DoS) testing tool for Windows. It includes URL verification, HTTP redirection, and performance monitoring. DoSHTTP uses multiple asynchronous sockets to perform an effective HTTP flood. DoSHTTP can be used simultaneously on multiple clients to emulate a distributed denial-of-service (DDoS) attack. This tool is used by IT professionals to test web server performance.
Lab Tasks
DoSHTTP Flooding
1. Install and launch DoSHTTP in Windows Server 2012.
2. To launch DoSHTTP, move your mouse cursor to lower left corner of the desktop and click Start.
3.
DoSHTTP is an easy to use and powerful HTTP Flood Denial of Service (DoS) Testing Tool for Windows. DoSHTTP includes URL Verification, HTTP Redirection, Port Designation, Performance Monitoring and Enhanced Reporting.
The DoSHTTP main screen appears as shown in the following figure; in this lab we have demonstrated trial version. Click Try to continue.
FIGURE 2.3: DoSHTTP main window
5. 6.
7.
[Screenshot: DoSHTTP window with Target URL 10.0.0.11, User Agent Mozilla/6.0 (compatible; MSIE 7.0a; Windows NT 5.2; SV1), Sockets 500, Requests Continuous]
DoSHTTP uses multiple asynchronous sockets to perform an effective HTTP Flood. DoSHTTP can be used simultaneously on multiple clients to emulate a Distributed Denial of Service (DDoS) attack.
[Dialog: Evaluation mode will only perform a maximum of 10000 requests per session.]
9.
[Screenshot: Wireshark capture including a TCP [SYN] from 10.0.0.10 to 10.0.0.11 on port http, alongside ARP, NBNS, LLMNR and DHCPv6 background traffic]
FIGURE 2.6: Wireshark window
Lab Analysis
Analyze and document the results related to the lab exercise.
Tool/Utility: DoSHTTP
Information Collected/Objectives Achieved: HTTP packets observed flooding the host machine
PLEASE TALK TO YOUR INSTRUCTOR IF YOU HAVE QUESTIONS RELATED TO THIS LAB.
Questions
1. Evaluate how DoSHTTP can be used simultaneously on multiple clients and perform DDoS attacks.
2. Determine how you can prevent DoSHTTP attacks on a network.