A Denial-of-Service (DoS) attack is when an attacker causes a temporarily or indefinitely disrupting services of a host by flooding the target with a massive traffic. This exercise has four parts to design and implement DoS attacks on a SCADA system.
- Use Hping3 to perform each a LAND attack and a SYN flood attack.
- Use Metasploit to conduct a SYN flood attack.
- Analyze the performance of a SYN flood with Hping3 and with Metasploit.
2 Before Starting
It is essential that you use the system you have created from the previous assignments on this homework. You will need Wireshark on your host machine for this assignment.
2.1 Network Architecture Requirement
You must have the network architecture below before starting this assignment:
3 Using Hping3 to create DoS attacks
Your goal is to create a DoS attack against the PLC using Hping3 and observe the results in Wireshark. Kali Linux comes with Hping3 pre-installed; so, you do not need to install it. You will need to perform these tasks to answer the post exercise questions.
3.1 Create a LAND attack
Your DoS attack should follow these requirements:
- This DoS attack will send 3000 packets.
- Set the size of the payload to be 100 bytes.
- Make sure the packet type is SYN.
- The attack will occur on port 502 and the source port will equal 80.
- You want to preserve the source port and to spoof the attacker address.
- Open the terminal and conduct an Hping3 DoS attack.
- Open Wireshark choose eth0 and check your results.
3.2 Create a SYN flood attack
Using the same tool as Part #1 (Hping3), your goal is to perform a SYN flood attack against the PLC. Open Wireshark choose eth0 and check your results.
4 Using Metasploit to create a DoS attack
Metasploit is a powerful framework that you can use to perform many types of attacks. Your task is to execute a SYN flood attack against the PLC using this tool. You will need to perform these tasks to answer the post exercise questions.
- Kali Linux comes with Metasploit pre-installed; so, you do not need to install it.
- Open Wireshark choose eth0 and check your results.
Reviews
There are no reviews yet.