Abusing a Stateless Firewall Lab
A stateless firewall can be used to minimize the risk associated with certain attacks. However, a stateless firewall does not retain the state for a given connection. This lab will demonstrate how a stateless firewall will allow a new connecting client to send a TCP SYN ACK packet as the first means of communication with the server. Then, we will use Hping3 to demonstrate a TCP SYN ACK DoS attack. The pentesting assignment for this LAB will be to craft a TCP SYN ACK DoS attack using Scapy.
Overview
A stateless firewall can be used to minimize the risk associated with certain attacks. However, a stateless firewall does not retain the state for a given connection. This lab will demonstrate how a stateless firewall will allow a new connecting client to send a TCP SYN ACK packet as the first means of communication with the server. Then, we will use Hping3 to demonstrate a TCP SYN ACK DoS attack. The pentesting assignment for this LAB will be to craft a TCP SYN ACK DoS attack using Scapy.
