DDoS programs. DDOS attack

Probably, many modern computer and Internet users have heard about the presence of DDoS attacks carried out by attackers against any websites or servers of large companies. Let's look at what a DDoS attack is, how to do it yourself, and how to protect yourself from such actions.

What is a DDoS attack?

To begin with, it is perhaps worth understanding what such unlawful actions are. Let’s make it clear right away that when considering the topic “DDoS attack: how to do it yourself,” the information will be provided solely for informational purposes and not for practical use. All actions of this kind are criminally punishable.

The attack itself, by and large, is sending a sufficiently large number of requests to a server or website, which, if the limit of requests is exceeded, blocks the operation of a web resource or service of the provider in the form of shutting down the server by security software, firewalls or specialized equipment.

It is clear that a DIY DDoS attack cannot be created by one user from one computer terminal without special programs. After all, he won’t sit for days on end and send requests to the attacked site every minute. Such a number will not work, since each provider provides protection against DDoS attacks, and one user is not able to provide the number of requests to the server or website that would a short time exceeded the call limit and triggered various protective mechanisms. So you'll have to use something else to create your own attack. But more on that later.

Why does the threat arise?

If you understand what a DDoS attack is, how to carry it out and send an excessive number of requests to the server, it is worth considering the mechanisms by which such actions are carried out.

They may be unreliable and unable to cope a huge amount requests, gaps in the provider’s security system or in the operating systems themselves, lack of system resources to process incoming requests with subsequent system freezes or crashes, etc.

At the dawn of this phenomenon, do-it-yourself DDoS attacks were carried out mainly by programmers themselves, who created and tested the performance of protection systems with its help. By the way, at one time even such IT giants as Yahoo, Microsoft, eBay, CNN and many others suffered from the actions of attackers who used DoS and DDoS components as weapons. The key point in those situations was attempts to eliminate competitors in terms of limiting access to their Internet resources.

In general, modern electronic merchants do the same thing. To do this, simply download a program for DDoS attacks, and then, as they say, it’s a matter of technique.

Types of DDoS attacks

Now a few words about the classification of attacks of this type. The main thing for everyone is to disable the server or website. The first type includes errors associated with sending incorrect instructions to the server for execution, as a result of which its operation crashes. The second option is mass sending of user data, leading to an endless (cyclic) check with an increasing load on system resources.

The third type is flood. As a rule, this is a task of sending incorrectly formed (meaningless) requests to the server or network equipment in order to increase the load. The fourth type is the so-called clogging of communication channels with false addresses. An attack can also be used that leads to changes in the configuration of the computer system itself, which leads to its complete inoperability. In general, the list could take a long time.

DDoS attack on the site

As a rule, such an attack is associated with a specific hosting and is aimed exclusively at one predefined web resource (in the example in the photo below it is conventionally designated as example.com).

If there are too many calls to the site, communication disruption occurs due to communication blocking not by the site itself, but by the server part of the provider service, or rather, not even by the server itself or the security system, but by the support service. In other words, such attacks are aimed at ensuring that the hosting owner receives a denial of service from the provider if a certain contractual traffic limit is exceeded.

DDoS attack on the server

As for server attacks, here they are not directed at any specific hosting, but specifically at the provider that provides it. And it doesn’t matter that site owners may suffer because of this. The main victim is the provider.

Application for organizing DDoS attacks

Now we have come to an understanding of how to do it using specialized utilities, we will now figure it out. Let us immediately note that applications of this type are not particularly classified. They are available online for free download. For example, the simplest and most famous program for DDoS attacks called LOIC is freely available on World Wide Web For loading. With its help, you can only attack sites and terminals with previously known URL and IP addresses.

For ethical reasons, we will not now consider how to obtain the victim’s IP address. We assume that we have the initial data.

To launch the application, the executable file Loic.exe is used, after which the source addresses are entered in the top two lines on the left side, and then the two “Lock on” buttons are pressed - slightly to the right opposite each line. After this, the address of our victim will appear in the window.

At the bottom there are sliders for adjusting the request transmission speed for TCP/UDF and HTTP. By default the value is set to “10”. Increase it to the limit, then press the big “IMMA CHARGIN MAH LAZER” button to start the attack. You can stop it by pressing the same button again.

Naturally, one such program, which is often called a “laser gun,” will not be able to cause trouble for some serious resource or provider, since the protection against DDoS attacks is quite powerful. But if a group of people uses a dozen or more of these guns at the same time, something can be achieved.

Protection against DDoS attacks

On the other hand, anyone who tries to attempt a DDoS attack should understand that there are no fools on the “other” side either. They can easily figure out the addresses from which such an attack is carried out, and this is fraught with the most dire consequences.

As for ordinary hosting owners, the provider usually immediately provides a package of services with appropriate protection. There can be a lot of means to prevent such actions. This is, say, redirecting an attack to the attacker, redistributing incoming requests to several servers, filtering traffic, duplicating protection systems to prevent false positives, increasing resources, etc. By and large, the average user has nothing to worry about.

Instead of an afterword

I think it becomes clear from this article that doing a DDoS attack yourself if you have special software and some initial data will not be difficult. Another thing is whether it’s worth doing this, especially for an inexperienced user who decided to indulge, for the sake of sport? Everyone must understand that their actions will in any case cause retaliatory measures from the attacked party, and, as a rule, not in favor of the user who launched the attack. But, according to the Criminal Codes of most countries, for such actions you can end up, as they say, in places not so distant for a couple of years. Who wants this?

LOIC is a powerful tool that allows you to carry out DDoS attacks on websites and servers. Let us immediately note that we do not recommend using the program for its intended purpose. In general, if you believe the words of the developer, the application was created to check the “reliability” of the hoster and the security systems it uses. The program is open source and available for download from the SourceForge service. Note that there it is marked as malicious software, so downloading and using Low Orbit Ion Cannon (the full name of the app) is entirely at your own risk.

Principle of operation

The program allows you to carry out a distributed attack, simultaneously opening many connections to the server and thereby trying to “put down” it - to achieve an error code indicating “victory”. During DDoS process, LOIC displays status information active connections, which changes in real time. In addition, the user is informed about the code that was returned by the server when trying to make a standard connection.

Low Orbit Ion Cannon operates using methods that are quite standard for this type of instrument. In particular, the program can “spam” HTTP requests, causing hardware failure. The application can also flood UDP and TCP packets. In addition to the standard version of LOIC, there is also a version capable of receiving attack targets via RSS feeds and instant messengers. This version of the program may be useful to the creators of botnets.

Interface

All functions available in LOIC are located on a single panel. There you can specify the URL or IP to attack and see a list of open connections. The graphical shell is quite intuitive, but has not been translated into Russian. However, tools of this kind do not need localization.

Key Features

• carries out DDoS attacks in order to achieve failure server equipment;
• has a simple interface consisting of a single window;
• spams HTTP requests, UDP and TCP packets;
• has an open source(written in C#);
• compatible with older versions operating system Windows;
• available for free.

The problem of third party interference in the behavior of eSports matches has existed for several days now. But recently it has become especially pronounced in Dota 2 and CS:GO. Many games have to be delayed for an hour, or even cancelled, rescheduled and replayed. We will tell you how easy it is to carry out a DDoS attack and how to effectively protect yourself from it.

What is DDoS?
DDoS attack, launched by computer or by a server who has been given a goal and an order to start. After the start, the network of infected machines will begin to send dead packets (useless information) to the target router and thus block the connection. Imagine a boat with one oar trying to get out of a polluted river.

Attack
To carry out an attack, you only need two things: a DDoS provider and a target. Ddoser services depend on the amount of time they want to disrupt your Internet connection and the amount of garbage sent to your router. The attack direction is determined by the IP address. It's simple - if attackers have it, then it won't be difficult to annoy you. Therefore, it is very important to avoid it falling into the wrong hands.
Unfortunately, getting the right IP is now very easy. You can find the Valve server address through Dota 2, and even if it is hidden through the console, Packet Sniffer will receive it without any problems.




As for the IP addresses of individual players, they leave traces in many programs. In order to get an IP via Skype, all you need is your nickname in the program, and this is only one of many ways. Imagine that the situation from the video below happens to you (18+):

You don't even have to pay for DDoS. I found free service, which allows you to send from 10 to 200 Mbps as a sample. This is enough to put down most standard networks:


How to protect yourself?
There are many ways to protect yourself from attack. I'll tell you just about a few:

1. Rent a VPN. It will hide your IP behind a strong and secure server. If you use communication programs, make sure you do it through a VPN. The number of providers of this service is very large.
2. Limit communication via Skype, Teamspeak, etc. This is one of the easiest ways to get your address and ruin your connection.
3. Most people believe that they do not have any viruses on their computer. Unfortunately, 90% of the time this is not the case, and you should clean it more often to avoid a sudden network shutdown.
4. Be careful when visiting websites and forums. Administrators see your IP.
5. Firewalls. Some routers have a built-in one, just like Windows itself, but they won’t have time to filter out the incoming “garbage” before it blocks the Internet.

What should I do if my IP has already fallen into the wrong hands?
Then you will have to resort to very difficult manipulations with the router. The Internet provider will not help you in any way, since they do not have to deal with such problems in their work. You need change WAN MAC router to automatically receive a new address. If this fails, you will have to unplug the router from the network and wait a long, long time.
Conclusion.
As has been said many times, this is far from complete information on DDoSa protection, and players have to deal with much more sophisticated techniques. So we wish you not to fall under such attacks and protect yourself as much as possible.

If you are reading this material, then you already know what it is But let me tell you what's behind this ominous phrase and prove why. DDoS attack via IPis not a panacea and you can delete information in other ways.

But first, let's talk about the disadvantages DDoS attacks via IP . We will not touch on the nuances of the work itself (smurf - attacks, botnets and other oddities will remain with the performers). Let's highlight the final result and summarize.

Order information removal quickly and safely

Submit your application

DDoS attack via IP: you can’t forget to order

The first reason not to order an attack is inexpediency. Let’s imagine that the website publishes information that harms the company’s promotion or discourages customers from cooperating. A decision is made about DDoS attack via IP (or not only by IP, there are more than 10 methods). The process begins, the site goes down, and here a situation arises that in most cases customers do not take into account, namely, recovery. System engineers were either prepared for this type of attack, and the site would not be damaged, or it would be quickly taken up. Simply put, information is not going anywhere.

The second point is cost.

The check mainly depends on the duration of the attack and the power. But the price will increase if the attacked site has protection against DDoS attacks via IP . If the case is related to government websites, then you will be denied work, since the servers are monitored by intelligence agencies, and this is fraught with problems.

The average cost is $18 per hour.

One of the proposals

Let's talk about legal ways deleting information. The first thing you can do is write to the site’s support with a request to remove negative materials. But be prepared for the fact that you will have to provide evidence of slander against the company, otherwise it will not be possible to reach an agreement. You can mess things up and only make matters worse.

Some people think that the court will help. But the consideration of the case takes at least 1 year, during which time the company will suffer losses (legal red tape + losses from the negativity that still hangs in the TOP 10) and will lose its reputation.

If you do not have time for legal proceedings, we will help you remove information from the site. 6 years of experience helping companies manage their online reputation. We conduct a reputation analysis, create a strategy for further work and, together with the customer, monitor changes in information. Unlike, information:

• Will be legally removed.


• Will not be restored.


• In addition to removing negative information, work will be done to create a positive and trusting image of the company (reputation management).

In addition to DDoS attacks via IP resort to another method - hacking. Hackers hack to order the right system and delete the information. But this method will not work for a number of reasons. First: anonymity. Hacking services are usually provided by people who hide their identities. You will not be able to conclude an agreement with them, and most importantly, you will not be able to control their actions.

The second reason: cost.

Information can be located on 10 sites independent of each other. Each site has a protection system against, plus trained people are also sitting on the other side of the “fortress”. Therefore, the cost will skyrocket.

The third point is that a hacker is an uncontrollable person. Representatives of this profession are not your employees, which means they can easily play on two fronts. In other words, information about the customer can be sold to the victim. Also, do not forget about criminal liability: if information about the hack gets to the employees of department “K” of the Russian Ministry of Internal Affairs, everyone will be under the hood, both customers and performers.

Killhacker mode activated, or program for DDoS sites

There is a special caste of people who believe that on their own they can “settle everything” with a “pill for all diseases” (in our case), which will hack any site with a mouse click. We hasten to regret that such people are the first on the list of victims. The logic is as follows: a user inexperienced in dark matters goes into a search engine, or worse, into the darknet and downloadsprogram for DDoS sites. 2 mouse clicks and voila! The screen went dark, the computer rebooted, and when turned on, a huge banner showed ransomware. There are many options. Banner - ransomware is not the worst thing that can await a would-be burglar. "Program for DDoS sites"can: install itself on your computer unnoticed, remove all passwords from websites, protect important documents, open a port for remote control computer (hello, botnet). Also withdraw data and money from bank cards. Are you ready to take a risk?

The number of malware on Android is growing every year. Photo from drweb.ru

DDoS by IP: conclusions

And the conclusion is this: you shouldn’t go where there are more risks than benefits.Programs for DDoS of sites, DDoS by IPleave it to others. Illegal methods will be dragged into the virtual jungle, where its own laws and rules reign. In 2011, the hacktivist group Anonymous announced the disclosure of the identities of the Mexican drug cartel Zetas. In response, the drug cartel launched a real hunt for activists. As a result, a group of hackers interrupted the operation.

DDoS attack is illegal. Don't take risks - order the removal of information legally with a guarantee

Submit your application

We talk a lot about attacks on the site, hacking, but we did not mention the topic of DDOS. Today we are correcting this situation and offering you full review technologies for organizing DDOS attacks and known tools for performing hacker attacks.

You can view the list of available tools for DDOS attacks in KALI by running the command:

kali > /usr/share/exploitdb/platforms/windows/dos

kali > /usr/share/exploitdb/platforms/windows/dos

This command displays a database of exploits for attacking Windows systems.

To view the available Linux DDOS attack tools, enter the command:

/usr/share/exploitdb/platforms/Linux/dos.

/usr/share/exploitdb/platforms/Linux/dos.

2.LOIC

The Low Orbit Ion Cannon (LOIC) Low orbital ion cannon. Perhaps the most popular DDOS program. It can send bulk requests via ICMP and UDP protocols, thereby clogging the channel to the victim’s server. The most known attack with the help of LOIC was committed by the Anonymous group in 2009 and was directed against PayPal, Visa, MasterCard in retaliation for disconnecting WikiLeaks from the donation collection system.

Attacks organized using LOIC can be exploited by blocking UDP and ICMP packets on network equipment Internet providers. You can download the LOIC program itself for free on the website. This tool is Windows-based and working with it is very simple, you specify the victim’s sites and press just one button.

2.HOIC

HOIC was developed during Operation Payback by Praetox by the same team that created LOIC. The key difference is that HOIC uses the HTTP protocol and uses it to send a stream of randomized HTTP GET and POST requests. It is capable of simultaneously attacking 256 domains. You can download it from .

3.XOIC

XOIC is another very simple DDOS tool. The user simply needs to set the victim's IP address, select the protocol (HTTP, UDP, ICMP, or TCP), and pull the trigger! You can download it from

5. HULK

6. UDP Flooder

UDP Flooder lives up to its name - the tool is designed to send multiple UDP packets to a target. UDP Flooder is often used in DDOS attacks on game servers, to disconnect players from the server. The program is available for download at.

7. RUDY

8. ToR's Hammer

ToR's Hammer was created to work across network, in order to achieve greater anonymity of the attacker. The problem with this tool is that TOR network is quite slow and thereby reduces the effectiveness of a DDOS attack. You can download this DDOS program from the Packet Storm or .

9. Pyloris

Pyloris is another DDoS tool that uses a new approach. It allows an attacker to create his own unique HTTP request. The program will then try to keep the TCP connection open using such requests, thereby reducing the number of available connections on the server. When a server's connection limit reaches its limit, the server can no longer service connections and the site becomes unavailable. This tool is available for free download from the website.

10. OWASP Switchblade

Open Web Application Security Project (OWASP) and ProactiveRISK developed a tool Switchblade DoS tool for testing WEB applications for resistance to DDoS attacks. It has three operating modes: 1. SSL Half-Open, 2. HTTP Post, and 3. Slowloris. You can download it for review from the OWASP website.

11. DAVOSET

12. GoldenEye HTTP DoS Tool

13. THC-SSL-DOS

This DDOS program (included with Kali) differs from most DDOS tools in that it does not use Internet bandwidth and can be used from one computer. THC-SSL-DOS exploits vulnerability SSL protocol and is capable of “putting down” the target server. Unless, of course, it has this vulnerability. You can download the program from the THC website, or use KALI Linux where this tool is already installed.

14. DDOSIM - Layer 7 DDoS emulator

This is where our review ends, but in the future we will return to the topic of DDOS attacks on the pages of our blog.