Nmap Development mailing list archives
Re: Nmap NSE syn-flood
From: David Fifield <david () bamsoftware com>
Date: Tue, 13 Nov 2018 16:13:08 -0700
On Mon, Nov 12, 2018 at 12:01:32PM +0200, Noam Rathaus wrote:
I would like to contribute the following script, syn-flood.nse I do not have much experience with NSE, so I did my best to write it according to the standard I would welcome feedback - in any form In summary this NSE preforms a SYN flood on an open tcp port (65535 syn packets), and completely ignores the response
Does this require the scanner to alter its firewall rules, so that the kernel doesn't send a RST in response to the target's SYN/ACK? try(dnet:ip_open()) try(dnet:ip_send(tcp.buf, host)) --- We should receive an ACK back, which we won't respond to or care about ↑ I mean here, the NSE won't respond to the ACK, but the kernel will respond with a RST, which will ruin the SYN flood. _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Nmap NSE syn-flood Noam Rathaus (Nov 13)
- Re: Nmap NSE syn-flood David Fifield (Nov 13)