How to choose a program for DDOS attacks. DDOS Attack on an IP or an easy way to drain money is wasted. Why a threat arises

The problem of the intervention of third-party persons in the behavior of cyber matches there is no first day. BUT B. lately It was particularly sharply manifested in Dota 2 and CS: GO. Many games have to be delayed at the hour, or even to cancel, to transfer and replay. We will tell you how easy it is to spend a DDoS attack and how to protect yourself from it.


What is DDOS?
DDOS - Attack, computer running or the server that was given a goal and order to the beginning. After the start, the network of infected cars will begin to send dead packets (useless information) on the target router and thus blocks the connection. Imagine a boat with one oars, which is trying to get out of a polluted river.

Attack
For the attack you only need two things: DDoS provider and purpose. The services of ddoserov depend on the number of time they want to spoil your connection with the Internet and the volume of garbage sent to your router. The attack direction is determined by the IP address. Everything is simple - if it is in the attackers, it will be easy to challenge. Therefore, it is very important to avoid his falls in your hands.
Unfortunately, it is very simple to get the desired IP now. You can find the Valve server address via Dota 2, and even if it is hidden through the console, Packet Sniffer will receive it without any problems.




As for the Aypishniks of individual players, they leave traces in a variety of programs. In order to get IP through Skype, only your nickname is required in the program, and this is only one of the many ways. Imagine that the situation from the video below will happen to you (18+):

For DDOS, even optional to pay. I found free servicewhich gives to send from 10 to 200 MBPs as a sample. This is enough to put most of the standard networks:


How to defend?
There are many ways to protect yourself from the attack. I will tell only about some:

  1. Rent a VPN. It will hide your IP for a strong and protected server. If you are using communication programs, make sure that you do it through VPN. The number of providers of this service is very large.
  2. Limit communication through Skype, TeamSpeak, etc. This is one of the simplest ways to get your address and spoil the connection.
  3. Most people believe that they have no viruses on their computer. Unfortunately, in 90% of cases, this is not the case, and you should clean more often to avoid a sharp disabling network.
  4. Be careful in visiting sites and forums. Administrators see your IP.
  5. Farwalls. Some routers have a built-in, as in the Windows itself, but they will not have time to filter the incoming "trash" before it blocked the Internet.
What if my IP has already got into other people's hands?
Then you have to resort to very difficult manipulations with the router. The Internet provider will not help you with anything, as they do not have to deal with such problems. You need change Wan Mac Router to automatically get a new address. If this fails to do this, you will have to pull the router from the network and wait for a long time.
Conclusion.
As it was repeatedly said, this is not complete information on the protection against DDOSA, and the chains have to deal with much more sophisticated techniques. So we wish you not to fall under such attacks and, if possible, to defend yourself.

DDOS attack. Explanation and example.

Hello everyone. This is a blog computer76, and now the next article on the foundations of hacker art. Today we will talk about what DDOS attack is simple words and examples. Before rushing with special terms, there will be an introduction that is understandable to everyone.

Why is DDOS attack?

WiFi hacking applied to password fence wireless network. Attacks in the form "will allow listening to Internet traffic. Analysis of vulnerabilities with subsequent loading of a specific makes it possible to capture the target computer. What does DDOS attack make? Its goal is ultimately - the selection of the rights to own a resource at the legitimate owner. I do not mean that the site or blog you will not belong. This is in the sense that in the case of a successful attack on your site, you lose the opportunity for them to control. At least for a while.

However, in modern interpretation, the DDOS attack is most often used to violate the normal operation of any service. Hacker groups, the names of which are constantly on hearing, make attacks on major government or public sites in order to draw attention to one or another problems. But almost always for such attacks is purely mercantile interest: the work of competitors or simple pranks with completely indecently unprotected sites. The main concept of the DDOS is that a huge number of users are drawn to the site at a time, or rather queries on the part of computers - bots, which makes the load on the server in airs. We often hear the expression "site is unavailable", but few who think that is in fact in fact for this wording. Well, now you know.

DDOS Attack - Options

Option 1.

players crowd at the entrance

Imagine that you are playing multiplayer online game.. Thousands of players play with you. And with most of them you are familiar. You are discussing the details and spend the following actions. You all at the same time go to the site and create a character with the same set of characteristics. They group in one place, blocking with their number of simultaneously created characters access to objects in the game to the rest of conspicing users who are not suspected about your collusion.

Option 2.


Imagine that someone discouraged to break the bus service in the city on a specific route in order to prevent conscientious passengers to use the services public transport. Thousands of your friends are at the same time to stop at the beginning of the specified route and ride aimlessly in all machines from the ultimate to the final until money is running out. The trip is paid, but no one comes out on one stop, except for the destination destination. And other passengers, standing at intermediate stops, look sadly to the removing minibuses after, failing to pour into the buses scored. All: all taxi owners, and potential passengers.

In reality, these options are not physically converted into life. However, in the virtual world of your friends, they can replace computers of unfair users who do not bother at least to protect their computer or laptop. And such an overwhelming majority. Programs for the DDOS attack set. Is it worth reminding that such actions are illegal. And the ridiculous prepared DDOS attack, it does not matter with what success spent, detects and punishable.

How is the DDOS attack?

Click on the site link, your browser sends the request to the server to display the desired page. This request is expressed as a data packet. And not even one, but a whole package package! In any case, the volume of transmitted data on the channel is always limited to a certain width. And the volume of data returned by the server is incommensurable more than those contained in your request. At the server it takes the strength and means. The stronger server, the more expensive it costs for the owner and the more expensive services provided to them. Modern servers easily cope with a sharply increased visitor influx. But for any of the servers, there is still a critical amount of users who want to familiarize themselves with the content of the site. The clearer the situation with the server that provides services for hosting sites. Slightly, and the site-victim is disconnected from service, in order not to overload processors that serve thousands of other sites located on the same hosting. The work of the site stops until the DDOS attack stops. Well, imagine that you start restarting any of the page pages a thousand times per second (DOS). And thousands of your friends make on our computers the same thing (DISTIBUTED DOS or DDOS) ... Large servers have learned to recognize that the DDOS attack began, and counteract it. However, hackers also improve their approaches. So within the framework of this article, what a DDOS attack is more disclosed, I can not explain.

What is a DDOS attack you can learn and try right now.

ATTENTION. If you decide to try, all unsaved data will be lost, button will need a button to return to the operating status. Reset.. But you can find out what exactly "feels" the server that attacked. An exposed example of a paragraph below, and now - simple commands for overcurrent system.

  • For Linux in the terminal, type the command:
:(){ :|:& };:

The system will refuse to work.

  • For Windows, I propose to create a BAT file in a notebook with a code:
: 1 Start Goto 1

Name the type ddos.bat.

Explain the meaning of both teams, I think it is not worth it. It can be seen in the unarmed look. Both teams make the system execute the script and immediately repeat it, referring to the beginning of the script. Given the speed of execution, the system falls in a couple of seconds into a stupor. Game., as they say, over.

DDOS attack using programs.

For a more visual example, use lOW program Orbit Ion Cannon (ion gun with low orbit). Or Loic. The most downloadable distribution is located at the address (we work in Windows):

https://sourceforge.net/projects/loic/

ATTENTION ! Your antivirus must respond to the file as malicious. This is normal: you already know what they swing. In the signature database, it is marked as a flood generator - translated into Russian this is the ultimate goal of infinite appeals to a certain network address. I personally did not notice any viruses nor Trojanov. But you are entitled to doubt and postpone the download.

Since neglect users throw the resource on malicious file, Source Forge will reinforce you to the next page with a direct link to the file:

As a result, I managed to download the utility only through.

The program window looks like this:

Paragraph 1 Select Target will allow an attacker to focus on a specific purpose (IP address or website URL enters), paragraph 3 Attack Options. will allow you to select an attacked port, protocol ( Method.) From three TCP, UDP and HTTP. In the TCP / UDP Message field, you can enter a message for the attacked. After the attack has done begins by pressing the button. IMMA Chargin Mah Lazer (This is the phrase on the edge of the foul from the popular once comicmem; American mat in the program, by the way, quite a few). Everything.

Warning

This option is to hold only for a local host. That's why:

  • this is unlawful against other people's sites, and for it in the West is already really sitting (and therefore, they will soon plant here)
  • the address from which Flood is coming will be calculated quickly, complain to the provider, and he will make you a warning and remind you about the first item
  • in networks with low bandwidth (that is, in all domestic), the thing will not work. With the Tor network is all the same.
  • if you configure it properly, you will quickly score your communication channel, the harm to someone. So this is exactly the option when the pear beats the boxer, and not the opposite. And the option with a proxy will pass on the same principle: the flood on your part does not like anyone.

We repent a lot about attacks on the site, hacking and but the subject of DDOS did not mention. Today we correct this position and offer you full Overview Technologies organization DDOS attacks and well-known tools for performing hacker attacks.



View listing available tools for DDOS attacks in Kali You can command:

kALI\u003e / USR / SHARE / EXPLOITDB / PLATFORMS / Windows / DOS

kALI\u003e / USR / SHARE / EXPLOITDB / PLATFORMS / Windows / DOS

This command shows the exploit database to attack Windows systems.

To view the available DDO tools, Linux attacks enter the command:

USR / SHARE / EXPLOITDB / PLATFORMS / LINUX / DOS.

USR / SHARE / EXPLOITDB / PLATFORMS / LINUX / DOS.

2. Loic

The Low Orbit Ion Cannon (LOIC) Low orbital ion gun. Perhaps the most popular DDOS program. It can send mass requests for ICMP protocols, the UDP thereby scoring the channel to the victim's server. SAMI famous attack With the help of LOIC was made by the Anonymous group in 2009 and directed against PayPal, Visa, MasterCard in retaliation for turning off WikiLeaks from the donation collection system.

Attacks, organized by LOIC can be disposed of UDP and ICMP package blocking on the network equipment of Internet providers. You can download the LOIC program itself for free on the site. This tool is on windows database And working with it is very simple, specify the sites of the victim and press only one button.

2. Hoic

Hoic was designed during the Payback by Praetox operation by the same team that created LOIC. The key difference is that HOIC uses the HTTP protocol and uses it to send a stream of randomized HTTP GET and POST requests. He is able to simultaneously hold an attack on 256 domains. You can download it with.


3. Xoic.

Xoic Another very simple DDOS tool. You need to simply install the IP address of the victim, select Protocol (HTTP, UDP, ICMP, OR TCP), and click on trigger! You can download it with

5. Hulk.

6. UDP Flooder

UDP Flooder meets its name - the tool is presented to refer to the set of UDP packages to the target. UDP Flooder is often used when DDOS attacks on play servers, to disable players from the server. For download, the program is available on.

7. Rudy

8. Tor's Hammer

Tor's Hammer was created to work through network, in order to achieve a large anonymity of the attacking. The problem of this toaster is that tor network It is quite slow and thus reduces the effectiveness of DDOS attack. Download this DDOS program You can from Packet Storm sites or.

9. Pyloris

Pyloris is another DDOS instrument using new approach. It allows the attacker to create his own unique HTTP request. Then the program will attempt to hold the TCP connection open with such requests, thereby reduce the number of available connections on the server. When the server connections limit comes to an end, the server can no longer serve connections and the site becomes not affordable. This tool is available free for download from the site.

10. Owasp SwitchBlade.

Open Web Application Security Project (OWASP) and Proactiverisk have developed an inspection SwitchBlade dos Tool. To test Web applications for stability to DDOS attacks. It has three modes of operation: 1. SSL Half-Open, 2. HTTP POST, and 3. Slowloris. You can download for familiarization from the OWASP website.

11. Davoset.

12. Goldeneye http dos tool

13. THC-SSL-DOS

This DDOS program (is in the delivery of Kali) and differs from most DDOS tools by the fact that it does not use throughput Internet channel and can be used from one computer. THC-SSL-DOS uses vulnerability SSL protocol And it is able to "put" the target server. Unless of course this vulnerability is available on it. You can download the program from the THC website, or use Kali Linux Where this tool is already installed.

14. DDOSIM - Layer 7 DDOS Emulator

On this, our review ends, but in the future we will return to the topic of DDOS attacks on the pages of our blog.