pete > courses > Crash Course in System Security (CSCI 1005), Winter 2025 > Day 12

---

ARP poisoning

DNS amplification

SYN flooding

Exercises

---

Groups of three today.

DNS Amplification

Write a Scapy program that performs a very small-scale DNS-amplification attack against another member of your group. When observing this happening in Wireshark, the victim should turn off promiscuous mode (otherwise it’s not evident that the NIC is actually passing the packets up to the kernel and thus clogging things).

ARP poisoning

Assign a role to each member of the group: victim, bystander, and attacker. The victim and bystander software should be unmodified, unfirewalled, and unpromiscuous. The victim should issue an ARP request and the attacker should attempt to respond with a crafted, malicious response that causes future packets with the bystander’s IP address in the destination field to be sent to the attacker instead of the bystander.

DO NOT (TRY TO) SPOOF THE ROUTER.

DO NOT (TRY TO) DO BAD THINGS TO ANY OF THESE HOSTS: .1, .2, .3, .10. (They’re necessary for the course-specific wireless access point to work.)

SYN Flooding

Read up on SYN cookies to understand both the problem and the solution.