Implementation of "Original SYN: Finding machines hidden behind firewalls"

This repository contains an implementation of the "Original SYN: Finding machines hidden behind firewalls" paper published in IEEE in 2015. Among the multiple objectives, we wanted to understand if the attack type proposed in the paper is still valid in 2024 and, if so, what limitations (or fixes) are introduced by the new versions of the Linux kernel.

Code

The implementation is in Python, while the custom sockets are written in C; we suggest customising the parameters according to your network topology and hardware resources.

Network topologies

The first two topologies (not useful for the final implementation but an important part of the conducted experiment) and the test topology (useful for debugging) are based on Docker containers. The final topology, on the other hand, is composed of virtual machines which require manual setup in the preferred virtualisation environment; in Networks/Third-topology, a small guide is available for recreating our network topology using Proxmox.

Further informations

For all the information, objectives, discoveries and experiments, please refer to Report.pdf.

The project was realised as part of the course "Network Security" of the Master Degree in Computer Science and Information Technology at Ca' Foscari University of Venice with the supervision of Professor Leonardo Maccari.

Contacts

For further information please feel free to email the authors:
Elisa Rizzo
Gabriele Pilotto
Marco Chinellato
Martino Pistellato
Thomas Vego Scocco