O'Reilly logo

Packet Analysis with Wireshark by Anish Nath

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

The DOS attack

This technique is used to attack the host in such a way that the host won't be able to serve any further requests to the user. Finally, the server crashes, resulting in a server unavailable condition.

There are various attack techniques used in this topic. We will cover SYN flood and ICMP flood detection with the help of Wireshark.

SYN flood

We learned about the TCP handshake process in Chapter 3, Analyzing the TCP Network. In this handshake process, a connection is established with SYN, SYN-ACK, and ACK between the client and server.

In the SYN flood attack scenario, what is happening is that:

  • The client is sending very fast SYN; it has received the SYN-ACK but doesn't respond with the final ACK
  • Alternatively, the client is sending very ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required