DDoS Attack: In this post I will show you how to do some things that in many situations might be illegal, unethical, a violation of terms of service, or just not a good idea.
I provide this information for education; use it to protect yourself.
Before reading these instructions, be sure you are on the right side of the legal and ethical line… use your powers for good!
This post provides an introduction to DDoS attacks and some basic concepts behind them. You will be introduced to the following topics:
What is a Denial-of-Service (DDoS) Attack.
Symptoms of DDoS Attack.
DDoS Attack techniques.
DDoS Attack Tools.
What is a Denial-of-Service (DDoS) Attack.
Denial of service (DoS) is now one of the biggest issues on the internet. It uses legitimate requests from hundreds or thousands of internet users, directed at a specific target, to deplete the target's bandwidth and resources.
Put simply, a DDoS attack is an attempt to make a machine or network resource unavailable to its intended users.
How Denial of Service Attacks Work:
The attacker initiates the attack by sending a command to the zombie agents. These zombie agents send connection requests to a genuine computer system.
The requests sent by the zombie agents appear to come from the victim rather than from the zombies.
Thus, the genuine computer sends the requested information to the victim.
The victim machine gets flooded with unsolicited responses from several computers at once. This may either reduce its performance or cause the victim machine to shut down.
Symptoms of DDoS Attack.
Based on the target machine, the symptoms of a DDoS attack may vary.
But here are four main symptoms of a DoS attack. They are:
1. Unavailability of a particular website.
2. Inability to access any website.
3. A dramatic increase in the amount of spam email received.
4. Unusually slow network performance.
DDoS Attack techniques.
There are seven kinds of techniques that are used by the attacker to perform DDoS attacks on a computer or a network. They are:
Bandwidth Attacks:
A bandwidth attack floods a network with a large volume of malicious packets in order to overwhelm the network bandwidth.
A single machine cannot make enough requests to overwhelm network equipment; therefore, DDoS attacks were created where an attacker uses several computers to flood a victim.
Typically, a large number of machines is required to generate the volume of traffic required to flood a network.
Service Request Floods:
Service request floods work based on the connections per second principle. In this
method or technique of a DoS attack, the servers are flooded with a high rate of connections
from a valid source. In this attack, an attacker or group of zombies attempts to exhaust server
resources by setting up and tearing down TCP connections. This probably initiates a request on
each connection, e.g., an attacker may use his or her zombie army to fetch the home page from
a target web server repeatedly. The resulting load on the server makes it sluggish.
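As an added example (not part of the original post), the connections-per-second pattern described above can be detected from a web server access log by counting requests per source in a sliding window. The log format (common log format), the window length, the threshold and the sample lines are all assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"

def parse(line):
    """Return (source_ip, timestamp, path), or None for a malformed line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group(2), TS_FORMAT)
    except ValueError:
        return None
    return m.group(1), ts, m.group(4)

def find_request_floods(lines, window_s=5, max_requests=10):
    """Flag sources that exceed max_requests inside any window_s-second window.
    Assumes each source's lines are in time order.
    Returns {source_ip: peak request count seen in one window}."""
    recent = defaultdict(deque)   # per-source timestamps still inside the window
    peaks = {}
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue              # skip lines that are not valid log entries
        ip, ts, _path = rec
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() >= window_s:
            q.popleft()           # drop requests that fell out of the window
        if len(q) > max_requests:
            peaks[ip] = max(peaks.get(ip, 0), len(q))
    return peaks

def _line(ip, second):
    return f'{ip} - - [10/Mar/2024:12:00:{second:02d} +0000] "GET / HTTP/1.1" 200 512'

# Constructed sample: one source fetches the home page 4 times a second for
# 6 seconds, another browses normally, and one line is malformed.
SAMPLE_LOG = (
    [_line("203.0.113.7", s // 4) for s in range(24)]
    + [_line("198.51.100.20", s) for s in (1, 15, 40)]
    + ["garbage line"]
)

if __name__ == "__main__":
    print(find_request_floods(SAMPLE_LOG))
```

Per-source counting catches a small number of noisy clients; a large zombie army spreads the load across many sources, so the total request rate needs its own threshold as well.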
SYN Flooding Attacks:
SYN flooding is a TCP protocol vulnerability that emerges in a Denial-of-Service attack.
This attack occurs when the intruder sends unlimited SYN packets (requests) to the host system. Such packets are transmitted faster than the system can handle them.
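On the defending host, a SYN flood shows up as a pile of half-open connections. The following added example (not from the original post) counts SYN-RECV against ESTAB sockets per local port in `ss -tan` style text; the thresholds and the sample output are constructed for illustration.

```python
from collections import Counter

def half_open_by_port(ss_output):
    """Count SYN-RECV and ESTAB sockets per local port from `ss -tan` text."""
    half_open, established = Counter(), Counter()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("SYN-RECV", "ESTAB"):
            continue  # header line, LISTEN sockets and other states
        port = fields[3].rsplit(":", 1)[-1]  # rsplit also handles "[::1]:443"
        if fields[0] == "SYN-RECV":
            half_open[port] += 1
        else:
            established[port] += 1
    return half_open, established

def syn_flood_suspects(ss_output, min_half_open=20, ratio=3.0):
    """Return {port: half-open count} for ports where half-open sockets are
    numerous and clearly outnumber established ones (assumed thresholds)."""
    half_open, established = half_open_by_port(ss_output)
    suspects = {}
    for port, n in half_open.items():
        if n >= min_half_open and n >= ratio * max(established[port], 1):
            suspects[port] = n
    return suspects

# Constructed sample: port 80 has 40 half-open and 5 established sockets,
# port 443 has 3 half-open and 12 established (normal handshakes in flight).
SAMPLE_SS = "\n".join(
    ["State Recv-Q Send-Q Local Address:Port Peer Address:Port",
     "LISTEN 0 128 0.0.0.0:80 0.0.0.0:*"]
    + [f"SYN-RECV 0 0 192.0.2.10:80 198.51.100.{i}:{40000 + i}" for i in range(1, 41)]
    + [f"ESTAB 0 0 192.0.2.10:80 203.0.113.{i}:{50000 + i}" for i in range(1, 6)]
    + [f"SYN-RECV 0 0 192.0.2.10:443 203.0.113.{i}:{51000 + i}" for i in range(10, 13)]
    + [f"ESTAB 0 0 192.0.2.10:443 203.0.113.{i}:{52000 + i}" for i in range(20, 32)]
)

if __name__ == "__main__":
    print(syn_flood_suspects(SAMPLE_SS))
```

The count is taken per listening port rather than per peer address because the peer addresses in a SYN flood are often forged. On Linux, a port that stays flagged is the cue to confirm that SYN cookies (`net.ipv4.tcp_syncookies`) are enabled.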
ICMP flood Attacks:
Internet Control Message Protocol (ICMP) packets are used for locating network
equipment and determining the number of hops to get from the source location to the
destination. For instance, ICMP_ECHO_REPLY packets (“ping”) allow the user to send a request
to a destination system and receive a response with the roundtrip time.
A DDoS ICMP flood attack occurs when zombies send large volumes of ICMP_ECHO packets to
a victim system. These packets signal the victim’s system to reply, and the combination of
traffic saturates the bandwidth of the victim’s network connection. The source IP address may
In this kind of attack the perpetrators send a large number of packets with fake source
addresses to a target server in order to crash it and cause it to stop responding to TCP/IP
After the ICMP threshold is reached, the router rejects further ICMP echo requests from all
addresses in the same security zone.
Peer-to-Peer Attacks:
A peer-to-peer attack is one form of DDoS attack. In this kind of attack, the attacker exploits a number of bugs in peer-to-peer servers to initiate a DDoS attack.
Permanent Denial-of-Service Attacks:
Permanent denial-of-service (PDoS) is also known as phlashing. This refers to an attack
that damages the system and makes the hardware unusable for its original purpose until it is
either replaced or reinstalled. A PDoS attack exploits security flaws. This allows remote
administration on the management interfaces of the victim’s hardware such as printers,
routers, and other networking hardware.
This attack is carried out using a method known as “bricking a system.” In this method, the
attacker sends email, IRC chats, tweets, and posts videos with fraudulent hardware updates to
the victim by modifying and corrupting the updates with vulnerabilities or defective firmware.
When the victim clicks on the links or pop-up windows referring to the fraudulent hardware
updates, they get installed on the victim’s system. Thus, the attacker takes complete control
over the victim’s system.
Application-Level Flood Attacks:
Some DoS attacks rely on software-related exploits such as buffer overflows, whereas most other kinds of DoS attacks exploit bandwidth. The attacks that exploit software cause confusion in the application, causing it to fill the disk space or consume all available memory or CPU cycles.
Application-level flood attacks have rapidly become a conventional threat for doing business on the internet. Web application security is more critical than ever. This attack can result in substantial loss of money, service and reputation for the organization.
Usually, the loss of service is the inability of a specific network service, such as email, to be available, or the temporary loss of all network connectivity and services. Using this attack, attackers destroy programming source code and files in affected computer systems.
DDoS Attack Tools.
There are hundreds of DDoS tools, but here are four famous tools. They are:
LOIC is an open source tool, written in C#. The main purpose of the tool is to conduct stress tests of a web application so that the developers can see how a web application behaves under a heavier load.
But when thousands of users run LOIC at once, the wave of requests becomes overwhelming, often shutting a web server (or one of its connected machines, like a database server) down completely, or preventing legitimate requests from being answered.
LOIC is more focused on web applications; we can also call it an application-based DoS attack.
The HOIC was developed during Operation Payback by Praetox, the same folks who developed LOIC. The only difference between HOIC and LOIC is that HOIC uses an HTTP flood using booster files that enable a small number of users to effectively DoS a website by sending a flood of randomized HTTP GET and POST requests.
It’s a very easy DDoS tool. You just put in the IP and port of the target, select the protocol and FIRE.
Actually, we can find a hundred DoS tools in Metasploit.
kali > cd /usr/share/metasploit-framework/modules/auxiliary/dos
I hope this post was helpful.
Please write a comment if you like this post.