Performing TCP Attacks With SEED Labs: My Results – Code Inlet https://codeinlet.com/2021/04/16/tcp-attacks-with-seed-labs/
The Transmission Control Protocol (TCP) is used by a wide variety of applications for
communication (e.g. browsers, Telnet, SSH, and more).
Unfortunately, TCP is also vulnerable to a variety of attacks.
The vulnerability arises because TCP doesn’t provide any packet encryption. Essentially
anyone monitoring a network has access to a lot of valuable information contained inside
TCP/IP packets.
This makes it easy for attackers to sniff a network, spoof TCP packets, and then use those
spoofed packets to disrupt connections, or worse, hijack a connection and make changes to
sensitive data.
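As an added illustration (not part of the original lab report), the following Python parses a constructed IPv4/TCP segment sent between the User and Server addresses used in this lab. The ports, sequence numbers and payload are made-up sample values; the point is that every one of these fields is readable in cleartext by anyone who can see the packet.

```python
import socket
import struct

IP_FMT = "!BBHHHBBH4s4s"    # fixed 20-byte IPv4 header
TCP_FMT = "!HHIIBBHHH"      # fixed 20-byte TCP header
FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]

def build_sample_segment():
    """Constructed sample (not captured traffic): User -> Server, Telnet-style data."""
    payload = b"ls -l\r\n"
    tcp = struct.pack(TCP_FMT, 46712, 23,       # source port, destination port
                      0x1A2B3C4D, 0x0F0E0D0C,   # sequence and acknowledgment numbers
                      5 << 4, 0x18,             # data offset = 5 words, flags = PSH+ACK
                      29200, 0, 0)              # window, checksum (left 0), urgent ptr
    ip = struct.pack(IP_FMT, 0x45, 0, 40 + len(payload), 0x1234, 0x4000, 64,
                     socket.IPPROTO_TCP, 0,     # protocol, checksum (left 0)
                     socket.inet_aton("10.0.2.6"), socket.inet_aton("10.0.2.4"))
    return ip + tcp + payload

def parse_segment(raw):
    """Return the fields an observer can read from an unencrypted IPv4/TCP packet."""
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(IP_FMT, raw[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or proto != socket.IPPROTO_TCP:
        raise ValueError("not an IPv4/TCP packet")
    if len(raw) < ihl + 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off, flags, _, _, _ = struct.unpack(
        TCP_FMT, raw[ihl:ihl + 20])
    data_start = ihl + (off >> 4) * 4
    if (off >> 4) < 5 or data_start > len(raw):
        raise ValueError("bad TCP data offset")
    return {
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "flags": [n for i, n in enumerate(FLAG_NAMES) if flags & (1 << i)],
        "payload": raw[data_start:total_len],   # application data, unencrypted
    }

if __name__ == "__main__":
    for key, value in parse_segment(build_sample_segment()).items():
        print(f"{key:8} {value}")
```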
It is important for you to understand how these attacks are performed and what
countermeasures you can implement to prevent them.
Luckily, there is an excellent resource called SEED Labs (https://seedsecuritylabs.org/)
(created by Dr. Wenliang Du) that provides hands-on labs for security education. One of the
labs covers TCP attacks and you can learn a lot by completing it.
Below is my lab report for the SEED Labs 1.0 TCP Attacks Lab done on their Ubuntu 16.04
LTS virtual machine.
This lab covers the TCP SYN flooding attack (and SYN cookies), TCP reset attack, TCP session
hijacking attack, and reverse shell.
I encourage you to follow along with my lab report while completing the lab yourself and
use my lab report to check your work.
Resources for the lab:
• Lab Overview (https://seedsecuritylabs.org/Labs_16.04/Networking/TCP_Attacks/)
• Lab Description (https://seedsecuritylabs.org/Labs_16.04/PDF/TCP_Attacks.pdf)
• Textbook (https://www.handsonsecurity.net/)
• Udemy Course (https://www.udemy.com/course/du-internet-security/?referralCode=9279DCD7BAFFAC610D6B&couponCode=SEED2021B0323)
I will be using three different virtual machines for this lab: Attacker (IP 10.0.2.15), User (IP
10.0.2.6), and Server (IP 10.0.2.4):