Chapter 474: The Good Show Is Yet to Come
Li Yushan checked the server's status and finally had to admit that it had crashed and was completely unresponsive.
In desperation, he pressed the restart button, and the display suddenly went dark as the machine began to restart.
"Who was operating this machine before?" Li Yushan turned his head and asked.
Everyone looked at one another and finally shook their heads.
Seeing this, Li Yushan couldn't help frowning.
"So... It's probably caused by the opponent's attack."
Until now, the other side had made no breakthrough, and now they had suddenly made the server restart? Was this a signal that the other side was starting its attack?
With such doubts and worries, Li Yushan waited somewhat anxiously for the system to restart.
On the display, the results of the system self-test scrolled past.
After a while, the system finished restarting.
Li Yushan skillfully entered the user name and password, and quickly logged in to the system.
Then, he immediately began to check the processes and services in the current system.
He glanced through them quickly and didn't find any suspicious processes, which reassured him a lot.
"Huahui, check why the system just crashed." Li Yushan did not continue to investigate, but gave this task to Ding Huahui. This student was more proficient at it than he was.
Li Yushan continued: "This system is newly installed. If it runs normally, this will definitely not happen. I guess that the other party must have mastered one of the vulnerabilities in it, which will cause the crash."
Ding Huahui nodded and agreed with him: "Okay, let me see what the vulnerability is."
When Ding Huahui was about to sit down, he found that the picture on the monitor had stopped changing again.
"Dead again?" Ding Huahui was stunned and quickly tapped the keyboard a few times.
That's exactly what happened. The system crashed again.
Li Yushan was also stunned: "I didn't find a suspicious process just now."
His implication was obvious: after the system restarted, the other side had attacked the server again.
In that case, the other side must have mastered an important vulnerability in the system, and a very effective one that could directly restart the system in a short time.
If they let the other side go on like this, they would certainly lose too many points; making the server restart carried far more weight than causing problems on ordinary computers.
Ding Huahui quickly restricted this machine's network connection.
Then he restarted it again, logged in quickly, and set about finding the cause of the restart as fast as possible.
According to the rules, the server could not be disconnected from the network for too long; otherwise, points would be deducted. If it stayed disconnected for a long time, the other side might be declared the winner outright.
Fortunately, when the system crashed, the data from the moment before was recorded. Ding Huahui went straight to the system log to look for anything abnormal.
Analyzing system logs is meticulous work: there are usually thousands upon thousands of entries, and finding the abnormal data among such dense records is not easy. Even then, one may only manage to analyze part of the content.
Of course, this is only for novices.
A master like Ding Huahui, who often dealt with such things, had long been at ease with it.
He looked at the log for a while, and then wrote a script to filter out all the normal connection records containing specific keywords and save the records that might be abnormal into a new file.
This is the power of the command-line tools on UNIX-like systems. Whatever a system administrator or technician wants to do can be done directly with specific commands, and code can even be written and executed right in the terminal.
Under Windows, such a function usually requires software. If no existing software does it, a tool may have to be written separately.
Of course, there are also DOS commands under Windows, but they are not powerful, amounting to a cut-down version of the UNIX commands. For many useful functions, the only option is to write tool software.
After the normal connection records were filtered out, relatively few records remained.
Ding Huahui then filtered out every record more than ten minutes old, leaving only the last ten minutes.
After filtering again and again like this, he arrived at a final set of records.
He first checked for intrusion records, to see whether the other side had broken through their defenses via some vulnerability and gotten inside the system to wreak havoc.
The final result was negative: there was no trace of intrusion at all.
He was surprised to find that the records all seemed normal. There was no abnormal record at all, and no abnormal IP.
"It's impossible. There must be a place that hasn't been seen clearly."
Ding Huahui had to check it again from the beginning.
It has to be said that Ding Huahui's patience was very good. Perhaps he knew that to find useful information he had to be patient and not let any clue slip.
After several passes, he finally found something!
"Damn it!" Ding Huahui couldn't help saying, "A data packet? How is this possible?"
He searched around and finally found the abnormality - just a SYN synchronization packet!
SYN stands for synchronize. It is the first packet sent to the server in the three-way handshake between the two parties establishing a connection.
It is a very, very small packet, the kind of data packet commonly used by the TCP/IP protocol on the network, called an IP datagram.
At the front of this packet is a fixed-length part called the "header", 20 bytes in total, which is a structure common to all packets.
This structure holds a series of fields laid out in rows of 32 bits, that is, 4 bytes. The first 12 bytes include information such as version, length, identification, and fragment offset. Of the last eight bytes, the first four are the source address of the packet, that is, the IP address of the sender, and the last four are the destination address, that is, the IP address of the receiver.
This "header" is like the envelope of a letter, marked with all the information about where the packet is going. Every packet includes this part, because only in this way can the data be delivered smoothly.
The data packet Ding Huahui was analyzing was just such a packet. It was very small, containing almost nothing but the header, and its data part was 0, which meant that it was an "empty envelope".
It was also because of this that Ding Huahui found its abnormality.
Obviously, this was not an ordinary "empty envelope" but a carefully designed one.
Ding Huahui opened it in an editor. After careful analysis, he found that the first 12 bytes of the IP datagram's header were normal, with nothing suspicious.
What was strange was the last eight bytes: the source address and the destination address were the same!
"What kind of attack is this?" After seeing this, Ding Huahui couldn't help frowning.
He had never seen an IP datagram like this.
Make the source address and the destination address the same, and OpenBSD would restart?
Li Yushan has also been watching. After looking at this address, his heart moved and said, "This address is the IP address of our server."
After his reminder, Ding Huahui also realized why the address was so familiar. He hadn't recognized it before. Wasn't it the IP address of the server!?
That is to say, the other side had forged an "empty envelope" saying that the sender was their server and the recipient was also their server.
According to the network protocol's design, on receiving such a SYN packet the server replies with an acknowledge-and-synchronize packet to this address, but this address is its own...
Red Army combat machine room.
"The other party's server has lost its response!" Xiao Jiang excitedly reported the situation he had monitored.
"Good!"
"Great!"
Everyone cheered immediately.
This news, like a shot in the arm, greatly encouraged everyone.
Especially Captain Qian, he was so happy that he took the lead in applause and said, "Good job! Let them know that our Red Army is not a vegetarian!"
Making the other side's server unresponsive was indeed a very big achievement, far more impressive than the other side's petty skirmishing.
Captain Qian continued to encourage them: "I hope everyone will continue to work hard, don't relax, and continue to closely monitor the dynamics of the other party! Now the exercise has entered a critical stage!"
Everyone looked at Lin Hong with admiration. It was all his doing. He had simply sent a carefully prepared data packet to the other side and made their server hang, succeeding twice in a row. In the end, the other side had disconnected the server from the network outright.
Liu Hui also had to admit that Lin Hong's technical level was indeed much higher than his own. In the end he was convinced, and clenched his fists to cheer Lin Hong on.
"I didn't expect your IP datagram to be so powerful!" Lao Wang's face also showed considerable admiration.
Just now, Lin Hong had said that he wanted to restart the other side's server so that they could carry out the next step of their plan. Lao Wang had been somewhat expectant, guessing at what method he would use.
He never thought that Lin Hong would need only one data packet to take down the server they had studied and analyzed for so long.
In fact, designing IP datagrams is not complicated. The data storm attack software Liu Hui had used earlier worked on the same principle: by sending a large number of customized IP datagrams, it made the other side create empty connections, with the aim of consuming the other side's resources.
However, for all their long efforts, they had not been as effective as Lin Hong's single packet.
The beauty of his packet was that the source address was the same as the destination address, and both were the other side's server's own address, unlike ordinary attacks, where the source address is simply left empty or set to some other non-existent IP address.
Seeing everyone so happy over such a small achievement, Lao Wang thought with some amusement: This is just an appetizer, and the good show is yet to come!