i am trying a SYN attack , in a controlled environment.
My process: I started tcpdump process with filters to capture packets from one PC to another, only outgoing packets , I started a nmap process with -sS , I captured the outgoing SYN packets into a pcap file.
Now I am using tcpreplay to send the pcap file with different --pps (packets per second) to see if I can detect anything on the receiving computer.
Question:
- By capturing the packets like this can I send them over and over again (lets say every hour , same pcap file) or do I have to capture every time? Do they have a lifespan? or a timestamp? (the nmap SYN outgoing packets)
