Wat is a sync attack?

Discussion in 'other firewalls' started by phantumdude, Aug 20, 2007.

Thread Status:
Not open for further replies.
  1. phantumdude

    phantumdude Registered Member

    Joined:
    Aug 20, 2007
    Posts:
    5
    i want to kno wat a sync attack is.....how does it affect a system with Windows-XP OS n LINUX OS? how do i conduct this attack manually on a system-is there a posibility of doing it??
     
  2. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi phantumdude :)

    In a typical connection from a client to a server there is the initial hanshake to established the connection:


    The client send a TCP packet with the flag SYN on the listening server port
    and the server will respond with a TCP packet with the flags Ack + Syn and the handshake is completed with the acknowlegment for the client with a TCP packet + ACK (This is a simplified example...):

    client ================== server listening on port X

    --------------------->>> Syn
    <<<--------------------- Ack Syn
    --------------------->>> Ack

    Connection is now in the "established state" ...

    A "Syn (or Sync) attack" is used in Distributed Denial of Service. The idea is to send to a server a flood of connections requests (TCP + flag Syn) until these request cannot be managed by the server and deny any other connections...

    Example of this at Gibson Research:
    http://www.grc.com/dos/grcdos.htm

    These DDOS targets are companies servers, institutions servers, government server NOT an individual PC running Windows or Linux or MAC OS...

    The possibility to have a PC targetted by such attack is almost impossible.
    (The probability is around 0... :D )

    Now you want to know how to makes a DDOS ?

    Did you expect to received any help for this at Wilders Security Forum?

    https://www.wilderssecurity.com/TOS-Privacy.html

    " You agree, through your use of this forum, that you will not post any material which is false, defamatory, inaccurate, abusive, vulgar, hateful, harassing, obscene, profane, sexually oriented, threatening, invasive of a person's privacy, or in violation of ANY law. This is not only a forum policy, but legal action can be taken against you in accordance with appropriate law. You also agree not to post or upload any copyrighted material unless the copyright is owned by you or you have consent from the owner of the copyrighted material. Spam, flooding, advertisements, chain letters, pyramid schemes, and solicitations are also inappropriate in this forum. Furthermore, you agree not to post any links to warez sites or sites from which malware (viruses, worms, trojans, backdoors etc.) can be downloaded. "

    Don't expect any help here for Cyber Vandalism.

    Best regards,
     
  3. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Good one, Climenole :thumb:
     
  4. phantumdude

    phantumdude Registered Member

    Joined:
    Aug 20, 2007
    Posts:
    5
    hey! this wasn to attack any system personally.....jus wanted to know if i could flood a system with so many requests!.....Nothing much:)......
     
  5. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi phantumdude :)

    No Distributed Denial of Service for PC...

    "These DDOS targets are companies servers, institutions servers, government server NOT an individual PC running Windows or Linux or MAC OS..."

    Are you running a corporate server ? ;)

    Have a firewall: incomings TCP + syn packets are blocked.
    Don't worry about this.

    :)
     
  6. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    A SYN attack is a common denial of service (DOS) technique info

    For some protection (windows) against this type of DOS attack info

    SYN flood
     
  7. phantumdude

    phantumdude Registered Member

    Joined:
    Aug 20, 2007
    Posts:
    5
    this m doing only for experiemental purposes:) .
    i jus need little help-I tried sending packets from host A to host B(using a packet generator).Here i entered the source ip as that of another host say Host C and the destination ip was that of Host B. i used the frameip tool.I then used the ethereal tool to chk if Host B got packets actually from Host C(but actually the tool was used in Host A).How do i proceed further nw for a sync attack.And this is not for any professional hacking or sumthing:)(jus for experiemental purpose) Is there a posibilityfor actual reply from Host B back to Host C rather than Host B.Please guide me on this!
     
  8. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi phantumdude,

    Your intentions may be as you say, but, with respect, giving out info on the building of spoofed packets for a syn attack is not something we will do.
     
Thread Status:
Not open for further replies.