1. Home > Web_defense >

Kali Linux Penetration Test Denial of Service Attack and Defense

As a penetration tester, sometimes it is necessary to perform DDOS attack testing on the customer’s system, so at this time we need to have a qualified testing tool. In Kali Linux, some DDOS test tools are integrated for testers to use. Here is a brief introduction to some test tools.
Denial of service attack under kali:
D(D)OS.............................. ..........1
yersinia.................................. ....2
hping3........................................ 3
SynFlood attack using metasploit......4
WEB DOS (stress test)............. ...5
1.DOS(DDOS)
Denial of service attack is when the attacker finds a way to stop the target machine from providing services.
Common In order to consume broadband, CPU, memory resources (various flood attacks)
resulting in prolonging server response time
using service vulnerabilities, compromising services
IP spoofing, etc.
2.YERSINIA
Project address http://vip.myhack58.com Underlying Protocol Attack Intrusion Detection Tool for a variety of attacks against multiple protocols
For example, to seize the root role of the spanning tree (Spanning Tree Protocol: Spanning Tree Protocol) to generate a virtual CDP (Cisco Discovery Protocol: Cisco Discovery Protocol) neighbors, virtualized as an active router in an HSRP (Hot Standby Router Protocol) environment, creating fake DHCP feedback, and other low-level attacks.
Generally use graphical attack interface
Usage: yersinia [-hVGIDd] [-l logfile] [-c conffile] protocol [protocol_options]
-V version information
-h get Help information
-G graphical working interface
-I interactive mode.
-D background mode
-d debugging
-l logfile select log file
-c conffile Select the configuration file
protocol Protocols that can be attacked: cdp, dhcp, dot1q, dot1x, dtp,
hsrp, isl, mpls, stp, vtp.
yersinia -G enables graphical Interface

Case: Attack and test DHCP service
DHCP server/windows server 2003/IP: 192.168.10.10
Kali Linux / IP: 192.168.10.100
First look at the process of obtaining an IP address from DHCP


The first step: Start the DHCP server
On the DHCP (windows server 2003) server, the allowed IP address range is 192.168.10.100-200
Kali has rented 192.168.10.100

The second step: start the yersinia attack program
select the corresponding network card interface in yersinia

There are four ways to attack DHCP:
sending RAW packet #sending original data packet
sending DISCOVER packet #sending request to obtain IP address data Packet, occupying all IPs, causing denial of service
creating DHCP rogue server #create a fake DHCP server, let users connect, real DHCP can not work
sending RELEASE packet #sending a release request to the DHCP server, causing All IPs in use are invalid

Carry out a DHCP DISCOVER test attack

Once the DHCP server is attacked by DISCOVER, all valid IPs in the address pool cannot be used, and new users cannot obtain IP addresses.
Note: Although all IP addresses are occupied here, they are in DHCP There is no display in the address pool
Step 3: Verify the attack result
Use a windows xp to obtain the IP address, and you will find that the execution of the ip command is invalid.

So our DHCP DISCOVER attack is effective! ! !
Defensive scheme:
Enable port monitoring on the switch, set trusted ports and untrusted ports, by default switch ports are untrusted ports. Untrusted port: the port connected to the terminal device. The client of this port can only send DHCP request messages, and discard all other DHCP messages (DHCP offer, etc.) from this port. Trusted port: connect to a legal DHCP server or aggregation interface, Able to forward and receive all DHCP messages

[3][4]

This article is published by www.internetweblist.com and does not represent the position of www.internetweblist.com/:http://www.internetweblist.com/Web_defense/28670.html

Contact Us

Online consultation:click here to give a message