This project demonstrates the simulation and real-time mitigation of a SYN flood DDoS attack using GNS3 and VirtualBox. It involves setting up a virtual environment with a Command & Control (C2) server, a bot machine, and a victim server.
- Attack Simulation: Python-based C2 server triggers bots to launch SYN flood attacks on the victim.
- Traffic Monitoring: tshark used on the victim VM to observe and analyze incoming SYN packets.
- Real-Time Mitigation: Custom Python script monitors traffic, auto-bans IPs exceeding a threshold using iptables.
- Live Dashboard: Flask + WebSocket-based dashboard displays SYN activity and blocked IPs in real time.

- Kali Linux, Ubuntu Server
- VirtualBox, GNS3
- Python, tshark, iptables
- Flask, Socket.IO, Chart.js
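The threshold-based banning described under Real-Time Mitigation can be sketched as a per-source sliding-window counter. This is an added example, not the project's own script: the class and function names, the window and threshold values, the allowlist, and the tab-separated tshark field format are all assumptions, and the capture lines are constructed.

```python
import ipaddress
from collections import defaultdict, deque

# Assumed input, one line per SYN, e.g. produced on the victim VM by:
#   tshark -l -Y "tcp.flags.syn==1 && tcp.flags.ack==0" -T fields -e frame.time_epoch -e ip.src
WINDOW_SECONDS = 5.0       # assumed sliding-window length
SYN_THRESHOLD = 20         # assumed max SYNs per source inside one window
ALLOWLIST = {"192.0.2.1"}  # assumed never-ban addresses (e.g. the admin host)

class SynMonitor:
    def __init__(self, window=WINDOW_SECONDS, threshold=SYN_THRESHOLD, allowlist=ALLOWLIST):
        self.window = window
        self.threshold = threshold
        self.allowlist = set(allowlist)
        self.seen = defaultdict(deque)   # source IP -> timestamps of recent SYNs
        self.banned = set()

    def feed(self, line):
        """Consume one 'epoch<TAB>src_ip' line; return an iptables argv if a ban is due."""
        try:
            ts_text, src = line.strip().split("\t")
            ts = float(ts_text)
            src = str(ipaddress.ip_address(src))  # rejects anything that is not an IP
        except ValueError:
            return None                            # malformed line: ignore, never ban
        if src in self.allowlist or src in self.banned:
            return None
        stamps = self.seen[src]
        stamps.append(ts)
        while stamps and ts - stamps[0] > self.window:
            stamps.popleft()                       # drop SYNs older than the window
        if len(stamps) > self.threshold:
            self.banned.add(src)
            del self.seen[src]
            # argv list for subprocess.run (no shell), so input is never parsed as shell syntax
            return ["iptables", "-I", "INPUT", "-s", src, "-j", "DROP"]
        return None

def constructed_capture():
    """Constructed sample: one noisy source, one normal client, one malformed line."""
    lines = [f"{1000 + i * 0.1:.1f}\t198.51.100.7" for i in range(30)]
    lines += [f"{1000 + i * 2:.1f}\t203.0.113.9" for i in range(5)]
    lines.append("not-a-timestamp\tnot-an-ip")
    return lines

def run(lines):
    monitor = SynMonitor()
    return [cmd for cmd in (monitor.feed(l) for l in lines) if cmd]

if __name__ == "__main__":
    for cmd in run(constructed_capture()):
        print(" ".join(cmd))
```

Per-source banning only works when the SYNs come from real, repeated addresses, as with the lab's bot machine; against spoofed sources each address stays under the threshold, and kernel SYN cookies (`net.ipv4.tcp_syncookies`) are the relevant control.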