
DDoS

From WhatPort80


DDoS is an attempt to take a website or user off the internets by way of brute force. More often than not it is simply flooding the target system with ping requests, but it is also possible to use other types of packets destined for any service on the target system that is accepting connections. To make it even better, the iconic DoS attack comes in several vantastic flavors.

Vanilla DoS

Michael J. Fox is personally responsible for 95% of all the internet's DoS attacks.  Because of Parkinson's.

This involves one or more computers actively being used to attack the target system. Hacker-wannabes in their basements will use this.

DDoS - Distributed Denial of Service

This style of butthurt comes from hundreds of virus-infected 'zombies' hanging around on hidden IRC channels in amalgamations called 'botnets', waiting for orders. The 'Zombie master' will then issue the order to attack, and lulz will ensue when computers that have no sociological connection to the Zombie master or any of the zombies start to attack the target system.

Chicken Noodle DRDoS - Distributed Reflection Denial of Service

DoS attacks are serious business

The ultimate in anti-lulz for the target system is the DRDoS attack. It requires no bot nets and so is rather easier to perpetrate than any other type of DoS attack. Furthermore, it makes the attacker quite immune to having a party van drop by their house, Anon finding them, and even getting their details.

This attack involves the attacker sending ACK packets with spoofed IPs to pretty much anything on the internets (websites, DNS servers, core infrastructure routers, etc.). When the innocent systems receive the ACK packets, they believe the target system (the one whose IP is in the packet instead of the attacker's) is acknowledging a connection SYN ACK packet from the innocent system. The innocent system will then start sending RST (connection reset) packets to the target system (the one it believes sent the packet to start with), telling it to GTFO because it will have no record of the target system initiating a connection with it in the normal manner (SYN -> SYN ACK -> ACK -> FIN).

If the skript kiddie sends enough of his spoofed packets to the right places, i.e. anything that gets enough traffic for the 'odd' packets to get hidden, like Google, Amazon, or eBay (an alternative is the core internet routers, i.e. Level3 routers), it can look like the whole of the internets itself is coming down on the target system, with little to nothing that can be done. The innocent systems will send several RST packets for every spoofed ACK they receive in an attempt to sort things out, but will unwittingly blast the target off the internets with a Ban Hammer of epic proportions.
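
Seen from the target's side, the pattern described above is recognisable because the RSTs answer connections the target never opened and arrive from many unrelated hosts at once. The following detection sketch is an added example, not part of the original page; the packet tuples, the addresses (documentation ranges), and the window and source thresholds are constructed assumptions.

```python
from collections import defaultdict

TARGET = "192.0.2.10"  # constructed address (documentation range)

# Constructed packet records seen at the target's edge:
# (time_s, src_ip, src_port, dst_ip, dst_port, tcp_flags)
SAMPLE = [
    (1.0, TARGET, 40000, "198.51.100.5", 443, "S"),    # target really opens a flow
    (2.0, "198.51.100.5", 443, TARGET, 40000, "RA"),   # solicited reset, ignored
    (3.0, "203.0.113.1", 80, TARGET, 80, "R"),         # resets for flows we never opened
    (4.0, "203.0.113.2", 443, TARGET, 80, "R"),
    (5.0, "203.0.113.3", 53, TARGET, 80, "R"),
    (6.0, "198.51.100.77", 80, TARGET, 80, "R"),
    (25.0, "203.0.113.9", 80, TARGET, 80, "R"),        # lone stray reset
]

def unsolicited_rsts(packets, local_ip):
    """Return (time, source) for inbound RSTs matching no flow we hold state for."""
    known = set()  # (local_port, remote_ip, remote_port)
    hits = []
    for ts, src, sport, dst, dport, flags in packets:
        if src == local_ip and "S" in flags:
            # Any SYN or SYN/ACK we sent means we know about this flow.
            known.add((sport, dst, dport))
        elif dst == local_ip and "R" in flags:
            if (dport, src, sport) not in known:
                hits.append((ts, src))
    return hits

def reflection_windows(packets, local_ip, window=10, min_sources=3):
    """Map window start time -> sources, where many hosts reset us at once."""
    buckets = defaultdict(set)
    for ts, src in unsolicited_rsts(packets, local_ip):
        buckets[int(ts // window) * window].add(src)
    return {start: sorted(srcs) for start, srcs in buckets.items()
            if len(srcs) >= min_sources}

if __name__ == "__main__":
    for start, srcs in reflection_windows(SAMPLE, TARGET).items():
        print(f"t={start}s: unsolicited RSTs from {len(srcs)} sources: {srcs}")
```

A single stray RST is normal internet noise, which is why the check keys on the number of distinct sources per window rather than on any one packet.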

Side Notes

Hacker-wannabes often invoke the name "DoS" as an internet threat, despite rarely knowing anything about how to follow through with the threat.

Users interested in practicing DoS tactics are encouraged to start with 8.2.118.111 or 127.0.0.1; these are IP addresses that promote free experimentation and security related attacks as a method of learning about technology.

Retrieved from "http://whatport80.com/DDoS"