DDoS-attack: how to do? The program for DDoS-attacks

Probably, many modern userscomputers and the Internet have heard about the presence of DDoS-attacks, made by intruders in relation to any sites or servers of large companies. Let's see what a DDoS-attack is, how to do it yourself and how to protect yourself from such actions.

What is a DDoS attack?

For starters, perhaps, it is worthwhile to understand that by themselvesrepresent such unlawful actions. We will discuss at once that when considering the topic "DDoS-attack: how to do it yourself", the information will be submitted only for review, not for practical use. All actions of this kind are criminally punishable.

The very attack, by and large, representsby sending a sufficiently large number of requests to the server or site, which, exceeding the limit of accesses, block the operation of the web resource or the provider's service in the form of disabling the server with security software, firewalls or specialized equipment.

It is clear that DDoS-attack with their own hands can notbe created by one user from one computer terminal without special programs. In the end, well, he will not be sitting all day long, and every minute send requests to the site being attacked. This number will not work, since protection against DDoS attacks is provided by each provider, and one user is not able to provide such a number of requests to the server or site that in a short time exceeded the limit of calls and caused the triggering of various defense mechanisms. So to create your own attack you will have to use something else. But more on that later.

Why is there a threat?

If you understand what a DDoS-attack is, how to do it and send the exceeded number of requests to the server, it is worth considering the mechanisms by which such actions are performed.

This can be unreliable firewalls, notable to cope with a huge number of requests, security holes in the provider's security system or in the operating systems themselves, a lack of system resources for processing incoming requests with further system hang-up or emergency shutdown, and so on.

At the dawn of the emergence of this phenomenon in the mainDDoS-attack with their own hands was carried out mainly by programmers who created and tested with it the efficiency of protection systems. Incidentally, even IT-giants such as Yahoo, Microsoft, eBay, CNN and many others have suffered from the actions of cybercriminals who used DoS and DDoS components as weapons. The key moment in those situations was attempts to eliminate competitors in terms of restricting access to their Internet resources.

In general, modern e-merchants are doing the same. To do this, simply download the program for DDoS-attacks, well, then, as they say, the matter of technology.

Types of DDoS attacks

Now a few words about the classification of such attackstype The main for all is disabling the server or site down. The first type can be attributed to errors associated with sending incorrect instructions to the server for execution, as a result of which it crashes. The second option is to send user data in bulk, leading to an infinite (cyclic) check with increasing load on system resources.

The third type is flood. As a rule, this is a task of advance incorrectly formed (meaningless) requests to the server or network equipment in order to increase the load. The fourth type is the so-called clogging of communication channels with false addresses. Another attack can be used, leading to the fact that the configuration in the computer system itself changes, which leads to its complete inoperability. In general, you can list for a long time.

DDoS attack to the site

As a rule, such an attack is associated with a specific hosting and is directed exclusively at one predetermined web resource (in the example in the photo below it is conditionally designated as example.com).

With too many hits to the sitecommunication failure occurs because the communication is blocked not by the site itself, but by the server part of the provider service, or rather, not even by the server itself or the security system, but by the support service. In other words, such attacks are aimed at ensuring that the hosting owner receives a denial of service from the provider when a certain contractual limit of traffic is exceeded.

DDoS attack on server

As for server attacks, here they aresent not to any particular hosting, namely to the provider who provides it. It doesn’t matter that site owners may suffer. The main victim is the provider.

Application for the organization of DDoS attacks

Here we come to understanding whatDDoS attack. How to make it with the help of specialized utilities, we now understand. Immediately, we note that applications of this type are not very secret. On the Internet they are available for free download. For example, the most simple and well-known program for DDoS attacks called LOIC is freely available on the World Wide Web for download. With its help, you can attack only sites and terminals with previously known URLs and IP addresses.

How to get at your disposal the IP address of the victim, for ethical reasons, we will not consider now. We presume that we have initial data.

To run the application, use the executableLoic.exe file, then in the two upper lines on the left side the original addresses are entered, and then two “Lock on” buttons are pressed - just to the right in front of each line. After that, the window will show the address of our victim.

Below are speed control sliders.request transfers for TCP / UDF and HTTP. By default, the value is set to "10". We increase to the limit, after which we press the big button “IMMA CHARGIN MAH LAZER” to start the attack. You can stop it by pressing the same button again.

Naturally, one such program thatoften called a “laser gun”, it will not be possible to bring trouble to some serious resource or provider, because the protection against DDoS attacks is installed there rather powerful. But if a group of people use a dozen or more of these guns at the same time, something can be achieved.

DDoS protection

On the other hand, everyone who triesmake an attempt to DDoS-attacks, must understand that on the "other" side, too, not fools are sitting. They can easily calculate the addresses from which such an attack is made, and this is fraught with the saddest consequences.

As for ordinary owners of hosting,Usually, the provider immediately provides a package of services with appropriate protection. Means to prevent such actions can be very much. These are, say, redirecting attacks to an attacker, redistributing incoming requests to several servers, filtering traffic, duplicating protection systems to prevent their false alarms, increasing resources, etc. By and large, the average user has nothing to worry about.

Instead of an afterword

It seems that from this article it becomes clearWhat to do DDoS-attack itself in the presence of special software and some initial data of work will not be. Another thing - is it worth it to do, and even an inexperienced user who decided to indulge, so, for the sake of sports interest? Everyone should understand that his actions in any case will cause the application of retaliatory measures on the part of the attacked side, and, as a rule, not in favor of the user who launched the attack. But according to the Criminal Codes of most countries, for such actions you can get, as they say, in places not so distant for a couple of years. Who wants this?