zbeng Posted November 14, 2006 Report Share Posted November 14, 2006 We all know hping as a network scanning tool and analyzer. In this article I use it as a DOS tool…pretty simple. First off open tcpdump so you can monitor what is going on. Then I format the command for the attack which looks like this:exploit2:/Users/sting3r root# hping2 -a 192.168.2.126 -S 192.168.2.115 -p 80 -i u10000In the command youll notice the -a switch which is used to spoof the source address. My curent IP at the time of the attack was 192.168.2.192. This also eliminates the possibility of getting the RST packet from the targeted host. The -i switch dictates the packet interval. Now understand you will not see an of the return traffic to your machine because of the -a spoof source switch.In the screen shot you can see the traffic between the spoofed source and the target….this is a pretty basic attack and can be mitigated. Quote Link to comment Share on other sites More sharing options...