Kali SYN Flood (Metasploit), not denying service

Question

I have a server with apache2 installed. I tried to do a dos attack on the server by using kali linux syn flood attack, but i am still able to access the website on the server.

msf auxiliary(synflood) > set

Global

No entries in data store.

Module: dos/tcp/synflood
========================
  Name              Value
  NETMASK          24
  RPORT       80
  SNAPLEN     65535
  TIMEOUT     500
  UDP_SECRET  1297303091
  VERBOSE     false
  rhost       192.168.2.2
  shost       192.168.1.8"

After monitoring the server, I noticed that only the CPU level increase, the RAM memory stays constant with no any change.

@ShaneMadden Thank you, now it is denying service after I disable the SYN cookies. But still I did not notice any change in the memory of the server. It's only the CPU that increased in its activity. Is this how its suppose to work or is it because am using VM. Thank you — Abdul, Jun 16 '14 at 14:54

score 1 · Answer 1 · answered Jun 16 '14 at 16:04

1

(moving this here from comment) A server using SYN cookies should be robust against a SYN flood - if your server's not collapsing as expected from a SYN flood, check if cookies are enabled.

On the RAM usage, each pending connection does indeed require RAM, but you're hitting a different limit (probably tcp_max_syn_backlog RAM's already been allocated for the backlog, so you're effectively denying service by filling the backlog).

answered Jun 16 '14 at 16:04

Shane Madden

114,520
13
181
251

+1 as syn cookies was exactly what I was going to suggest as a reason. – Kaithar Apr 30 '15 at 09:58

Kali SYN Flood (Metasploit), not denying service

1 Answers1