Eicon Networks S92 Manual de usuario descargar pdf (Pagina 198)

YuChakTinMichael‘sGIACGCFWProjectAssignment

Page 198

TribeFloodNetwork UDP,ICMP,SYN.Smurf

Stacheldrachtandvariants UDP,ICMP,SYN.Smurf

TFN2K UDP,ICMP,SYN.Smurf

Shaft UDP,ICMP,SYN.combo

Mstream Stream(ACK)

Trinity,TrinityV3 UDP,SYN,RST,RandomFlag,ACK,Fragment,...

Oftheabovetools,TFNanditsvariancesseemtobethemostpopularchoices.An

articleprovidedbytheUniversityofChicagodescribesTFNindetail:

“TribalFloodNetworkissimilartotrin00init'sgeneraldesign,thoughthereisno

Windowsversionofit.…Communicationbetweentheclientsanddaemonsisdone

viaICMPEchoReplies.Thismeansthatthetraff iclooksalmostidenticaltostandard

pings.It'shardtolocatewithout lookingatthecontentsofthepacketandimpossible

toblockatafirewallwithoutblockingoutgoingpings.Thecommandsarehidden

insidetheidfieldoftheICMPpacket…NewerversionsofTFNallowforencryption

ofboththeiplistfile,thelistofmasters,andthedataportionoftheICMPpackets.”

73

So,aslongaswehaveICMPconnectivitywiththeamplifiersandthattheTFN

daemonsarerunningonthem,wecanlaunch an attackeasily!

UsingTFN:

HowtouseTFN?

Firstofall,weneedtounderstandhowTFNworks.AccordingtoDavidDittrich,

“TFNismadeupofclientanddaemonprograms,whichimplementadistributed

networkdenialofservicetoolcapableofwagingICMPflood,SYNflood,UDPflood,

73

http://security.uchicago.edu/seminars/DDoS/tfn.shtml

1 2 ... 193 194 195 196 197 198 199 200 201 202 203 ... 208 209

Sin comentarios

Eicon Networks S92 Manual de usuario Pagina 198