7/4/2023 0 Comments Syn cookiesIf the Src option in the Graph tab is set to "forward" the attack traffic will show as black. Notice that you can change the counters to show packets or bytes (selection option on top of a graph). Once traffic starts flowing, legitimate traffic will show as green and attack traffic will show as red on these graphs. Right clicking on nodes should open a menu that allows users to open graphs in the Graph tab. Once attached, experiment topology is visible in the Topology tab. Otherwise delete the information in the SSH Key File input field and you will be asked for your DETER password. You may want to input your public key into the dialog (SSH Key File) if you have already set up passwordless access to DETER. Next, you will need to input your username on DETER (for example ) and the same password you use to log on to DETER. This is done by choosing Emulab Interface->Attach to Experiment from the GUI and then input Project and Experiment Name. Then, the experiment must be "attached" to the GUI. Once the code starts, choose the "Emulab" interface in the first dialog. The code should work on any computer supporting a reasonably recent version of Java. Once an experiment is swapped in use SEER GUI by clicking at "Launch SEER now" option from here. That add support for traffic generation and visualization via SEER. Tb-set-node-startcmd $node "sudo python /share/seer/v160/experiment-setup.py Basic" Do not modify the topology file but read it through and identify what each directive does.Įspecially important are the lines in the NS file: Before proceeding to the assignment instructions make sure that you understand how TCP SYN flood attack works, which resource it ties up and how, and how syncookies help mitigate this attack.Įach student should load the topology file /share/education/TCPSYNFlood_USC_ISI/synflood.ns into the DETER testbed to create a new experiment. SYN flood attacks in the Internet Denial of Service book (optional reading)ĭenial of service attacks deny service to legitimate clients by tying up resources at the server with a flood of legiitmate-looking service requests or junk traffic.Short summary of SYN flood attack on Wikipedia.Additionally, extra credit questions improve a student's understanding of how networks and TCP/IP work. This exercise helps students learn the following concepts: (1) How TCP/IP works and how its design can be misused for attacks, (2) How easy it is to perpetrate a DoS attack, with fully legitimate traffic and at a low rate, (3) How easy it is to protect machines from this type of attacks via built-in OS mechanisms. Afterwards, they will be asked to apply a known defense against SYN flood known as SYN cookies, repeat the attack and observe the protection. Students will be able to create a real attack using DETER tools, and to observe its effect on legitimate traffic. This exercise demonstrates a well-known denial-of-service attack, called TCP SYN flood.
0 Comments
Leave a Reply. |