LAN Attack (IP Spoofing) Flashcards
Lan Attack Blue Print (Spofed IP address)
Tool used - hping3
In Kali terminal.
hping3 -V (verbose) -c 100 (number of packets) -d 100 (Size of packets) -S (syn flag) -p 21 (target port number) -s 80 (source port number) -k (perserves source port) -a spoofs IP address) .
ICMP Flooding (Ping flood(#)
ICMP = Internet Control Message Protocol) is an error-reporting protocol network devices like routers use to generate error messages to the source IP address when network problems prevent delivery of IP packets. … ICMP is not a transport protocol that sends data between systems.
ICMP request and acknowldge is used when you PING an IP address. It can also be used for echo (port 7). ICMP can be used to redirect m#traffic as well - it can tell a router where to send the traffic.
Using Hping3
hping3 -1 (specifies in icmp mode) –flood -a (spoofs target ip address) then end range of subnet
Using LOIC
Defence against it. Witihin router specifiy the amount of packets allowed (number of packets per second).
Disabling a ping flood is most easily accomplished by disabling the ICMP functionality of the targeted router, computer or other device. A network administrator can access the administrative interface of the device and disable its ability to send and receive any requests using the ICMP, effectively eliminating both the processing of the request and the Echo Reply. The consequence of this is that all network activities that involve ICMP are disabled, making the device unresponsive to ping requests, traceroute requests, and other network activities.
