SNHU - Performing a Denial of Service Attack from the WAN
Introduction
Objective
CEH Exam Domain: Denial of Service
Overview
In this lab, you will perform a denial of service attack from the wide area network.
Key Term | Description
TCP | Transmission Control Protocol is a network protocol designed to send and ensure end-to-end delivery of data packets over the Internet.
UDP | User Datagram Protocol is a transport layer protocol and simple connectionless transmission model with a minimum of protocol mechanism. It has no handshaking dialogues and is used where error checking and correction is either not necessary or is performed.
HTTP | The protocol used by the World Wide Web. HTTP defines how messages are formatted and transmitted and how Web servers and browsers should respond to requests.
Denial of Service (DoS) | An interruption in an intended user's access to a computer network, typically one caused with malicious intent.
Low Orbit Ion Cannon | An open source network stress testing and denial of service attack application.
TCP Flood
1. Click on the internal Linux Sniffer icon on the topology.
2. After the machine boots, type root for the Username, then press Next.
3. For the Password, type toor (root spelled backwards) and click the Sign In button.
4. Click the black and white icon (second from the top) to launch the Linux terminal.
5. Type the following command and press Enter, to check for the IP Address of the system.
root@kali2:~# ifconfig
6. Type the following command and press Enter to save your IP Address configuration.
root@kali2:~# ifconfig > ip1.txt
7. Type the following command to view the IP Address configuration in the file.
root@kali2:~# cat ip1.txt
8. Type the following command to view the IP Address configuration in the file.
root@kali2:~# cat ip2.txt
9. Type the following command and press Enter, so your system will not have an IP Address.
root@kali2:~# ifconfig eth0 0.0.0.0 up
10. Type the following command and press Enter, to verify that no IPv4 address is listed for eth0.
root@kali2:~# ifconfig
11. Type the following command and press Enter, to see all of the available options for tcpdump.
root@kali2:~# tcpdump --help
12. Type the following command and press Enter, to start tcpdump sniffing on the eth0 interface.
root@kali2:~# tcpdump -i eth0 -nntttt -s 0 -w TCPcapture.cap
13. Click on the external Windows 8.1 Attack Machine in the topology.
14. Double-click on the desktop LOIC.exe – Shortcut.
15. In the Low Orbit Ion Cannon IP box, type 203.0.113.100.
16. Click the button that says Lock on. 203.0.113.100 will appear as the Selected target.
17. Select TCP for the Protocol in the Method dropdown list.
18. Click the IMMA CHARGIN MAH LAZER button.
19. Wait about 30 seconds, then click the Stop flooding button.
20. Click on the internal Linux Sniffer icon on the topology.
21. Press Control+c to stop the capture.
22. Type the following command and press Enter, to view the total number of packets in the TCPcapture file.
root@kali2:~# capinfos TCPcapture.cap
23. Examine the total number of packets captured in the Number of packets data.
UDP Flood
1. Type the following command and press Enter, to start tcpdump sniffing on the eth0 interface.
root@kali2:~# tcpdump -i eth0 -nntttt -s 0 -w UDPcapture.cap
Click on the externalWindows 8.1 attack machine in the topology. 
2
Select UDP for the Protocol in the Methoddropdown list.
3
Click the IMMA CHARGIN MAH LAZER button.
4
Wait about 30 seconds. Click the Stop flooding button.
5
Click on the internal Linux Sniffer icon on the topology.
6
Press Control+c to stop the capture.
7
8. Type the following command and press Enter, to view the total number of packets in the UDPcapture file.
root@kali2:~# capinfos UDPcapture.cap
9. Examine the total number of packets captured in the Number of packets data.
HTTP Flood
1. Type the following command and press Enter, to start tcpdump sniffing on the eth0 interface.
root@kali2:~# tcpdump -i eth0 -nntttt -s 0 -w HTTPcapture.cap
Click on the externalWindows 8.1 Attack Machine in the topology. 
2
Select HTTP for the Protocol in the Methoddropdown list.
3
Click the IMMA CHARGIN MAH LAZER button.
4
Wait about 30 seconds. Click the Stop flooding button.
5
6. Click on the internal Linux Sniffer icon on the topology.
7. Press Control+c to stop the capture.
8. Type the following command and press Enter, to view the total number of packets in the HTTPcapture.cap file.
root@kali2:~# capinfos HTTPcapture.cap
9. Examine the total number of packets captured in the Number of packets data.
10. Type the following command and press Enter, to start tcpdump sniffing on the eth0 interface.
root@kali2:~# tcpdump -i eth0 -nntttt -s 0 -w HTTP2capture.cap
11. Click on the Windows 8.1 Attack Machine in the topology. Uncheck the Wait for reply button next to HTTP.
12. Click the IMMA CHARGIN MAH LAZER button.
13. Wait about 30 seconds. Click the Stop flooding button.
14. Click on the internal Linux Sniffer icon on the topology.
15. Press Control+c to stop the capture.
16. Type the following command and press Enter, to view the total number of packets in the HTTP2capture.cap file.
root@kali2:~# capinfos HTTP2capture.cap
17. Examine the total number of packets captured in the Number of packets data.
Click on the internalWindows Server icon in the topology. 
18
After the machine boots, Click the Send Ctrll+Alt+Delete button in the upper
righthand corner.
19
Note: Ifyou are seeing a black screen here, click the screen and/or press Enter.
Log in as administrator with the password of P@ssw0rd.
20
Click on the Start button in the bottom left hand corner and click the Computer link.
21
Double-click on the Local Disk (C:) drive.
22
Double-click on the xampp folder (directories are listed alphabetically).
23
Double-click on the apache folder (directories are listed alphabetically).
24
Double-click on the logs folder (directories are listed alphabetically).
25
Double-click on access.log file.
26
View the entries that state “A cat isfine too.”
27
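The access.log review in steps 26 and 27 can be automated on the defender's side. The following Python is an added example, not part of the original lab: it assumes the Apache common log format, and the sample lines, client addresses, threshold and function name are constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Apache common log format: host ident user [time] "request" status bytes
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3}) \S+')

def find_flooders(lines, max_per_second=5):
    """Return {client_ip: (peak requests in one second, most common request)}
    for every client whose peak rate exceeds max_per_second."""
    per_second = defaultdict(Counter)   # ip -> {timestamp: hits}
    requests = defaultdict(Counter)     # ip -> {request line: hits}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                    # skip lines that are not in the expected format
        ip, stamp, request, _status = m.groups()
        second = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
        per_second[ip][second] += 1
        requests[ip][request] += 1
    flagged = {}
    for ip, buckets in per_second.items():
        peak = max(buckets.values())
        if peak > max_per_second:
            flagged[ip] = (peak, requests[ip].most_common(1)[0][0])
    return flagged

# Constructed sample: one client repeating the same payload, one normal client.
SAMPLE = [
    f'198.51.100.7 - - [01/Jan/2022:10:00:0{i % 2} +0000] "A cat is fine too." 400 226'
    for i in range(12)
] + [
    '192.0.2.10 - - [01/Jan/2022:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
    '192.0.2.10 - - [01/Jan/2022:10:00:05 +0000] "GET /style.css HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for ip, (peak, request) in find_flooders(SAMPLE).items():
        print(f"{ip}: peak {peak} req/s, most common request: {request!r}")
```

A single source that sends the same request many times within one second is the pattern to look for in the log; the threshold should be tuned to the normal traffic of the server being monitored.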
© 2022 - Infosec Learning INC. All Rights Reserved.
Note: Press the STOP button to complete the lab.
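The TCP, UDP and HTTP flood sections compare captures by the capinfos packet count alone. As an added example (not part of the original lab), this Python reads a classic pcap file, the format tcpdump -w writes, and reports packet count, duration, average packets per second and a TCP/UDP breakdown; the sample capture bytes, the 198.51.100.7 source address and the function names are constructed for illustration.

```python
import struct
from collections import Counter

PROTO = {6: "TCP", 17: "UDP"}  # IP protocol numbers

def summarize_pcap(data):
    """Count packets per IP protocol and compute the average packet rate."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        endian = "<"
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a classic microsecond-resolution pcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (link type 1) are handled")
    counts, times, off = Counter(), [], 24
    while off + 16 <= len(data):
        sec, usec, caplen, _ = struct.unpack(endian + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + caplen]
        off += 16 + caplen
        times.append(sec + usec / 1e6)
        # EtherType 0x0800 is IPv4; the protocol number is byte 9 of the IP header
        if len(frame) >= 24 and frame[12:14] == b"\x08\x00":
            counts[PROTO.get(frame[23], "other-ip")] += 1
        else:
            counts["non-ip"] += 1
    duration = times[-1] - times[0] if len(times) > 1 else 0.0
    return {"packets": len(times), "duration_s": duration,
            "pps": len(times) / duration if duration else None,
            "by_proto": dict(counts)}

def sample_frame(proto):
    # Constructed Ethernet + IPv4 header: 198.51.100.7 -> 203.0.113.100
    eth = b"\x00" * 12 + b"\x08\x00"
    ip = bytes([0x45, 0, 0, 20, 0, 0, 0, 0, 64, proto, 0, 0,
                198, 51, 100, 7, 203, 0, 113, 100])
    return eth + ip

def build_sample():
    # Constructed capture: 8 TCP and 2 UDP packets, 100 ms apart
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, proto in enumerate([6] * 8 + [17] * 2):
        f = sample_frame(proto)
        out += struct.pack("<IIII", 1000, i * 100000, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    print(summarize_pcap(build_sample()))
```

To run it against a lab capture, pass the file contents, for example `summarize_pcap(open("TCPcapture.cap", "rb").read())`.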