How hard is it to launch a distributed denial-of-service (DDoS) attack?
Ethical Hactivist Dos Attacks
Sam Bowne Instructor, City College San Francisco
Denial-of-service (DoS) attacks are very common. They are used for
extortion, political protest, revenge, or just LULz. Most of them
use old, inefficient methods like UDP Floods, which require
thousands of attackers to bring down a Web server. The newer Layer
7 attacks like Slowloris and Rudy are more powerful, and can stop
a Web server from a single attacker with incomplete Http requests.
The newest and most powerful attack uses IPv6 multicasts, and can
bring down all the Windows machines on an entire network from a
single attacker.
I will explain and demonstrate these tools: Low Orbit Ion Cannon,
OWASP Http DoS Tool, and flood_router6 from the thc-ipv6 attack
suite. This deadly IPv6 Router Advertisement Flood attack is a
zero-day attack--Microsoft has known about it since June 2010 but
has not patched it yet (as of May 4, 2011).
The Jester: Boondock Saint
@
th3j35t3r
Hacktivist for good. Obstructing lines of communication for
terrorists, sympathizers, fixers, facilitators. No botnets here.
I'll do my own dirty.
Behind you.
·
http://th3j35t3r.wordpress.com
Low orbit ion cannon (
LOIC
) DDoS attack tool
provided by annonymous will not obscure your IP address from the
sites you attack. LOIC is just one of many DDoS tools now
available for online use, downloading, or renting.
DDoS tools includes "single user flooding tools, small host
booters, shell booters, remote access Trojans (RATs) with
flooding capabilities, simple DDoS bots, complex DDoS bots, and
some commercial DDoS services.Many types of threats can be blended
into any given tool in order to make the tool more attractive and
financially lucrative"--as in, profitable for whoever's renting
out the DDoS capabilities.
Download Encrypted VPN Virtual Private Network
Distributed Denial of Service (DDoS) attack
Software that can help Web sites neutralize Denial of Service attacks
"Details of the tools, techniques and procedures used by the hackers behind the RSA security breach have been revealed in a research paper (PDF) published by Australian IT security company Command Five. The paper also, for the first time, explains links between the RSA hack and other major targeted attacks. This paper is a vendor-neutral must-read for any network defenders concerned by the hype surrounding 'Advanced Persistent Threats.'"