
Experiment No.

Date of Performance: 22-04-2021 Date of Submission: 22-04-2021


SAP ID: 60004198011 Name: Krutik Shah
Div: B Batch: B4

Aim of Experiment:
Implement DOS Attack using Hping, Hping3 and other tools.

Theory / Algorithm / Conceptual Description:


DOS attack
• DOS stands for Denial of Service.
• The attacker makes a system or its data unavailable to those who need it by consuming all the
resources it has.

SYN Concept

• The client and server exchange a series of messages to start a TCP connection.
• SYN is a TCP packet sent to another computer requesting that a connection be established
between them. If the SYN is received by the second machine, a SYN/ACK is sent back to the
address requested by the SYN.
• Lastly, if the original computer receives the SYN/ACK, a final ACK is sent.

SYN Flood
The attacker sends a succession of SYN requests to the target's system in an attempt to consume enough
server resources to make the system unresponsive.

In a SYN flood attack, the attacker sends repeated SYN packets to every port on the targeted server,
often using a fake IP address. The server, unaware of the attack, receives multiple, apparently
legitimate requests to establish communication. It responds to each attempt with a SYN-ACK packet
from each open port.

The malicious client either does not send the expected ACK, or—if the IP address is spoofed—never
receives the SYN-ACK in the first place. Either way, the server under attack will wait for
acknowledgement of its SYN-ACK packet for some time.
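
The half-open state described above is what a defender measures. The following is an added example, not part of the original report: it counts handshakes that received a SYN-ACK but never a final ACK, per server port. The packet tuples are constructed sample data using documentation address ranges, and the function names, timeout and threshold are assumptions.

```python
from collections import defaultdict

def sample_packets():
    """Constructed capture: (time_s, src, sport, dst, dport, flags); RFC 5737 addresses."""
    server = ("192.0.2.10", 80)
    pkts = [  # one client that completes the three-way handshake
        (0.00, "198.51.100.7", 40000, *server, "S"),
        (0.01, *server, "198.51.100.7", 40000, "SA"),
        (0.02, "198.51.100.7", 40000, *server, "A"),
    ]
    for i in range(200):  # SYNs answered with SYN-ACK, final ACK never arrives
        src, t = f"203.0.113.{i + 1}", 1.0 + i * 0.001
        pkts.append((t, src, 1024 + i, *server, "S"))
        pkts.append((t + 0.0005, *server, src, 1024 + i, "SA"))
    return sorted(pkts)

def half_open_by_service(packets, now, timeout=3.0):
    """Count handshakes per (server, port) stuck after SYN-ACK for >= timeout seconds."""
    pending = {}  # (client, cport, server, sport) -> [syn_time, synack_seen]
    for t, src, sport, dst, dport, flags in packets:
        if flags == "S":
            pending[(src, sport, dst, dport)] = [t, False]
        elif flags == "SA" and (dst, dport, src, sport) in pending:
            pending[(dst, dport, src, sport)][1] = True
        elif flags in ("A", "R"):
            # final ACK completes the handshake; RST from the client abandons it
            pending.pop((src, sport, dst, dport), None)
    counts = defaultdict(int)
    for (_, _, server, port), (syn_time, answered) in pending.items():
        if answered and now - syn_time >= timeout:
            counts[(server, port)] += 1
    return dict(counts)

def flag_syn_flood(packets, now, threshold=100):
    """Return services whose half-open count reaches the (assumed) alert threshold."""
    return [svc for svc, n in half_open_by_service(packets, now).items() if n >= threshold]

if __name__ == "__main__":
    print(flag_syn_flood(sample_packets(), now=10.0))
```

On a Linux server the same condition shows up as sockets in the SYN-RECV state (`ss -n state syn-recv`), and SYN cookies (`net.ipv4.tcp_syncookies`) are the usual mitigation.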

Hping
• hping is a command-line oriented TCP/IP packet assembler/analyzer.

• The interface is inspired by the ping(8) Unix command, but hping isn't only able to send ICMP
echo requests. It supports TCP, UDP, ICMP and RAW-IP protocols, has a traceroute mode, the
ability to send files over a covert channel, and many other features.

• Hping is a free packet generator and analyzer for the distributed IP protocol. It is one of the de
facto tools for security auditing and the testing of services and networks. It is a “Swiss Army
knife” that generates virtually any IP, TCP or UDP packet. Hping can transmit a single packet,
or multiple packets being sent at a specified rate or a maximal ‘flood’ rate.

• These features are possible because Hping opens ‘raw sockets’ injecting traffic directly to the
network card and bypassing the operating system TCP/IP stack, with all its regulations and
limitations.

• It is typically used in Linux but can also be used in Windows.

• Hping3 is the latest version.

Hping3
A network tool able to send custom TCP/IP packets and to display target replies.
Sample Code:

hping3 -S (Source IP) -a (Destination IP) -p 135 --flood

Usage of Hping tool and hping3 package:

While hping was mainly used as a security tool in the past, it can be used in many ways by people that
don't care about security to test networks and hosts. A subset of the stuff you can do using hping:

• Firewall testing
• Advanced port scanning
• Network testing, using different protocols, TOS, fragmentation
• Manual path MTU discovery
• Advanced traceroute, under all the supported protocols
• Remote OS fingerprinting
• Traceroute under different protocols.
• TCP/IP stacks auditing
• hping can also be useful to students that are learning TCP/IP.

Hping3 Command help:

Demonstration 1:

Lacampora.org is the target.


-q: brief output
-n: show target IP instead of host.
-d 120: set packet size
--rand-source: hide IP address.

Traceroute is a network diagnostic tool used to track in real-time the pathway taken by a packet on an
IP network from source to destination, reporting the IP addresses of all the routers it pinged in
between. Traceroute also records the time taken for each hop the packet makes during its route to the
destination.

Demonstration 2:

Before:

After:

Conclusion:
Thus, we have successfully implemented DOS attacks using the Hping tool and hping3 package.