Hello,
I'm currently working on a school project - where i wan't to document and test either Hping3 or the "syn flood" auxiliary in Kali Linux.
I've setup a test environment in VMware - with Kali Linux as the attacker, and Ubuntu 20.05 Server running XAMMP as the target.
Whenever i hit the target with the attack, it seems to work just fine - but the Ubuntu server seems to have all security configurations in place to handle such an attack..
I've then tried to disable Syncookies and syncache, to see whether this affect the impact of the attack. But Ubuntu still seems to be able to handle the attack, without the XAAMP server is affected.
This is what Hping3 reports when the attack is stopped:
10299536 packets transmitted, 0 packets received, 100% packets loss
This is what Ubuntu reports when using "tcpdump -i enp0s3 'Port 80':
1067 packets captured
177603 packets received by filter
176536 packets droppet by kernel
Am i missing something?
Or is there any way i can run a more vulnerable VM, and then afterwards implement various security features, to measure their affect on the attacks?
