在針對防火牆對DoS和會話限制能力測試時,Linux 中有一個名為hping3的程序可以產生仿真數據包泛洪攻擊。它可以產生少量的數據包氾濫,同時仍然保持至少50%的CPU可用於管理。
如果我們需要測試SYNC泛洪的會話限製或閾值限製到Web服務器端口80,我們可以使用下面的命令。
Continue reading
Hping3 – Linux的仿真數據包泛洪攻擊
Leave a reply
Tag Archives: linux
Hping3 – Flooding simulation with Linux
When testing firewalls ability against the DoS and session limit, there is a program in Linux called hping3 to produce flooding with. It can generate a small amount of packet flood while still keeping at lease 50% of CPU free for management.
if we need to test a session limit or threshold limit for SYNC flood toward to a web server port 80, we could use the command below.
Continue reading
Recover the FTP password via TCPDUMP
I always keep my frequently used files in my FTP server, at the same time, and i have my password saved in my FTP client in my laptop as well. So when i need to login to my FTP server from another machine, i was like “hmm…. what was my password now?”
Since FTP is run via plain text, there is no encryption at all. So i have recovered my password via TCPDUMP and the username and password are “everyone”.
Continue reading