
DDOS

Jon855

Golden Member
How do you craft your own DDOS attacking program and how do you prevent your site from going down from DDOS attacks?

If any of this content is violating the Forum's Rules, please inform me so I can edit it as required. The reason why I'm curious is because I'm currently in the IT Major and am learning about this type of attack and how to craft one and prevent it. Such "attack" I need to craft will require some use of web browsing tactics such as the slashdot effect. Could anybody explain to me how to craft and prevent such attacks?

I want to apologize in advance if this is completely dis-allowed in here.

To the Moderators: If it is not allowed, please inform me and of course you can edit it as well, although I would rather be editing this if I'm informed of such violations of the Forum Policies.

Jon855
 
I highly doubt anyone is going to tell you how to perform a DDOS attack or even a hint as to how to do it as it is illegal. Perhaps someone may chime in and tell you how to prevent one.
 
Well the "standard" method....

Since it is a "distributed denial of service" that means you have many, many machines sourcing the attack. Common method is through trojans or bots that have infected broadband machines. These bots phone home through various methods, ICQ being popular, awaiting commands.

Then the attacker sends the command "pound www.amazon.com with TCP requests on port 80 (HTTP)"

Each bot then makes hundreds if not thousands of connections on port 80 consuming resources like bandwidth, server connections and memory. As you can see it scales linearly with the number of bots.

How to prevent it? Routers and other security software can recognize such an attack and block the offending behavior. But it really needs to be blocked at the ISP level. So you call up your provider (and if they are good they already have alarms about the attack) and say "please stop this DDoS attack".

Provider then uses features in their routers to drop the traffic.

Interestingly enough some of the big worms like blaster, nimda and sasser had the effect of a DDoS simply from the amount of traffic they spewed out. The amount of traffic scales exponentially as the number of infected hosts increases.
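
The recognition step described in the post above, as an added example that is not part of the original thread: a sliding-window counter over connection records that flags a single noisy source and, separately, an aggregate flood from many sources that each stay under the per-source limit. The window, thresholds and sample records (documentation-range addresses) are constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW = 10          # seconds of history kept (assumed value)
PER_SRC_LIMIT = 100  # new port-80 connections allowed per source per window (assumed)
TOTAL_LIMIT = 500    # new port-80 connections allowed in total per window (assumed)

def detect_flood(events):
    """events: time-sorted (timestamp, src_ip, dst_port) connection records.
    Returns (sources over the per-source limit, [(time, distinct sources)] alerts)."""
    recent = deque()             # (timestamp, src) pairs still inside the window
    per_src = defaultdict(int)   # live connection count per source
    blocked, alerts, alerting = set(), [], False
    for ts, src, port in events:
        if port != 80:
            continue
        recent.append((ts, src))
        per_src[src] += 1
        # Expire records that have fallen out of the window.
        while recent[0][0] <= ts - WINDOW:
            _, old = recent.popleft()
            per_src[old] -= 1
            if per_src[old] == 0:
                del per_src[old]
        if per_src[src] > PER_SRC_LIMIT:
            blocked.add(src)     # one host hammering the service
        over = len(recent) > TOTAL_LIMIT
        if over and not alerting:
            # Many hosts, each under the limit: per-source blocking cannot
            # help, so this is the case to escalate to the upstream provider.
            alerts.append((ts, len(per_src)))
        alerting = over
    return blocked, alerts

def sample_events():
    """Constructed records using documentation address ranges."""
    ev = []
    for i in range(20):          # ordinary clients, two connections each
        ev += [(i * 0.5, f"192.0.2.{i + 1}", 80), (i * 0.5 + 0.2, f"192.0.2.{i + 1}", 80)]
    for i in range(150):         # one noisy source, 150 connections in 5 s
        ev.append((20 + i * 0.03, "192.0.2.50", 80))
    for k in range(3):           # 250 sources, only 3 connections each
        for i in range(250):
            ev.append((60 + k * 1.5 + i * 0.001, f"198.51.100.{i + 1}", 80))
    return sorted(ev)

if __name__ == "__main__":
    print(detect_flood(sample_events()))
```

On the sample data the single noisy host is caught by the per-source limit, while the 250-host burst trips only the aggregate alert.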
 
Spidey07 - Thanks now I see... I will need to test this in a Private Networked Lab... Thanks... I've found a few tools, codes, etc which I could try to craft one for educational purpose and no it will not be released into the wild. Thanks again anyways.
 
Malicious code is still malicious code.

Be careful and don't be connected to anything on the "test" network. The only way to be sure of this is to trace every cable.
 