Distributed Denial of service or popularly known as DDoS attacks once again came to the limelight in 2016.
From the attacks on Dyn servers whose architecture translates domain names into numeric addresses, hacker group Anonymous launching a DDoS campaign against Donald Trump under the banner of #OpTrump, to DDoS-for-hire service called LizardStresser using IoT botnets launching attacks on websites related to the Rio Olympics’ to hackers using 24,000 computers from around 30 countries to launch attacks on five Russian banks in early November.
A DDoS attack is perpetrated by people who try and make an organizations website or services temporarily unavailable by suddenly increasing the amount of traffic from various sources to the end server.(read computers or even IoT devices from across the world).
Moreover, there are many freely available tools available online for free and many hackers even sell DDoS services on Darkweb marketplaces like Alphabay, Valhalla etc. “You do not have to be a specialized hacker. Anyone nowadays can buy these services and tools by paying a small amount of money to bring down certain websites or completely put a company’s infrastructure in disarray. You can even run the attacks for weeks,” says Rahul Tyagi,Vice President – Training at Lucideus.
Some of the common methods used to launch a DDoS attack are TCP connection attacks, volume attacks, fragmented attacks and application based attacks. TCP connection attacks are used against most of the end users available connections which include servers, firewalls and even load balancers. While Fragmented attacks destroy the victims system by sending TCP fragments, app attacks take down a server by using botnets.
All of these can enable by tools freely available online. Let’s look at some of them.
LOIC (Low Orbit Ion Canon)
LOIC or popularly known as Low orbit Ion Canon is one of the more popular tools available on internet. It is primarily used to initiate a DOS attack on servers across the world by sending TCP, UDP requests to the compromised server. Even a beginner can use this tool and all he has to do enter the IP address of the victim server.
This tool was earlier used by the infamous hacker group Anonymous for some of their attacks. But before you can get any ideas, just remember, this tool does not protect the hosts IP address so agencies looking out for you can trace the attack’s origin.
This is another easy to use DOS attacking tool for the beginners. You can just input the IP address of or th selected ports and can be used against websites which do not generate a huge amount of traffic.
HOIC or known as High Orbit Ion Cannon is an effective tool which uses booster scripts which allow users to make lists of victim IP addresses and helps the attackers remain anonymous and difficult to tracked down. It is still used by Anonymous for DDoS attacks worldwide. The tool claims it can flood up to 256 websites at once.
Slowmoris was developed by a gray hat hacker called “RSnake” which creates a slow HTTP request by sending the requests in HTTP requests in small packets in the slowest manner possible so that the victim server is forcefully made to wait for the requests. This way if multiple requests are send to the server, it will not be able to handle genuine requests.
This uses the same Slowmoris method. This tool directly attacks the service and not the hardware.
Apart from these, there are many other tools available online like OWASP Switchblade, DAVOSET, GoldenEye HTTP DoS Tool, THC-SSL-DOS, DDOSIM – Layer 7 DDoS Simulator among others. All these tools are freely available online for downloads for anyone out there. Considering how mundane most cyber secuirty agencies are in dealing with attacks of such nature, there is lots which is needed to be done to defend against such DDoS attacks.