ACK Storms
When an attacker hijacks a session, there can be adverse side effects. One of the side effects is called an ACK storm.
An ACK storm occurs when an attacker first starts to take over a session and sends spoofed packets. Because there is a good chance the attacker does not guess the sequence numbers correctly on first try, this causes some problems. When the server receives the spoofed packets from the attacker, it thinks they came from the legitimate user and notices that the sequence numbers are out of synch. It then tries to re-synch the sequence numbers. The server does this by sending SYN and ACK packets, which the other system replies to with its own SYN and ACK packets. The result is an ACK storm.
ACK storms also occur if the ...
Get Hackers Beware now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
