Home > other >  Forged IP sends the request
Forged IP sends the request

Time:10-28

A great god, please have a puzzled me for a long time:
If my IP address is 124. XXX. XXX. 207, now I forged a IP for the 124. XXX. XXX. 12 request sent to the server,
Such as I would like to vote through forged IP to server, and then I sent to the server requests certainly can have the server finish
Task of voting, and now the server needs to send HTML to the client, then it is sent to the 124. XXX. XXX. 12 that machine or
I had the machine?
I think should be sent to the machine, because the server not to 124. The XXX. XXX. 12 host for TCP connections, so still send
Give this machine in disguise, do not know right, a great god, please help me with?
And if the machine is the IP address of the disguised as another network segment words such as 200. XXX. XXX. 23 host, how can you routed to
The server?

CodePudding user response:

Server is root who shake hands back to who, even if you are fake, but the back bag is not necessarily to the machine, you forged IP address because you can't say for certain intermediate routers to route to where go to

CodePudding user response:

When establish a TCP connection, the client to the server sends a syn, after the server to the client sends an ack, confirmed that the client to the server to send an ack, so after both ends would establish a connection, so you forged Ip when sending a request to send the syn, since the client's Ip address does not exist, an ack after the server receives less than should be caused by the client returns an ack server connection timeout, close the socket, the back of the data transfer cannot be completed, so in the end is unable to connect,
But by raw socket a large number of fake there is no IP send syn can make server constantly send ack but no reply to a server crash, this also is a kind of attack thoughts is also a very common technique,
Was not clear if the lz Lord can go to check the TCP three-way handshake, there is a very detailed explanation in UNIX network programming
In this picture can also help lz

CodePudding user response:

Rightness, syn attack cannot be called a server crash, due to the server at the time of call listen function will maintain a message queue, store all being executed and connections to be performed and the number of sockets, only when a complete connection socket closed after the message queue number will be less 1, as is the maximum number of message queue (that is, by the listen () function of the second variable Settings), when the message queue after full, if behind the connection can only wait in the set period of time still cannot into lined up with the server connection is established, then the connection will be cancelled due to timeout syn attack load lined up but could not form connections, a normal connection request not enter lined up behind and timeout, this is the syn flooding

CodePudding user response:

Support the answer of the 1st floor, you fake bag, generally will not return to you, this is decided by the router on the road, you can't
  • Related