welcome back to war! Let's move tribe! "This method of attack follow...The spoofed IP could be that of an unsuspecting personal computer or high powered server. For this example we will assume the latter.
First our attacker launches a spoofed SYN flood onto its target. The target (a server) begins to take on connections and responds to the SYN with an ACK. However, since the IP is spoofed, our target server sends a flood of ACKs to the actual server for which the spoofed IP belongs. The target server being unaware of the events that have unfolded upon its behalf; responds with a flood of RST packets for each of the ACKs it has received. Consequently, what started as a single sourced SYN attack has now become a two vector SYN and RST attack. The second source being completely innocent in the hostile intent it has now conducting upon the target."
First our attacker launches a spoofed SYN flood onto its target. The target (a server) begins to take on connections and responds to the SYN with an ACK. However, since the IP is spoofed, our target server sends a flood of ACKs to the actual server for which the spoofed IP belongs. The target server being unaware of the events that have unfolded upon its behalf; responds with a flood of RST packets for each of the ACKs it has received. Consequently, what started as a single sourced SYN attack has now become a two vector SYN and RST attack. The second source being completely innocent in the hostile intent it has now conducting upon the target."
No comments:
Post a Comment