Monday, May 30, 2011

DoS/DDoS Attacks

This is for educational purposes only.

DoS and DDoS Attacks
an informational and how to guide

Hey folks, Epic here again, bringing you another epic tutorial.
Today we're going to be discussing DoS and DDoS attacks, how they work, and how you can execute them.

What do DoS and DDoS stand for?
DoS stands for Denial of Service. DDoS stands for Distributed Denial of Service. Usually these are followed by the word "Attack(s)". Denial of Service Attack makes more sense than Denial of Service.

How DoS Attacks Work
Credit to Cnet


In a typical connection, the user sends a message asking the server to authenticate it. The server returns the authentication approval to the user. The user acknowledges this approval and then is allowed onto the server.
In a denial of service attack, the user sends several authentication requests to the server, filling it up. All requests have false return addresses, so the server can't find the user when it tries to send the authentication approval. The server waits, sometimes more than a minute, before closing the connection. When it does close the connection, the attacker sends a new batch of forged requests, and the process begins again--tying up the service indefinitely.

Typical Connection


Denial of Service Attack



Read More on Wikipedia: http://en.wikipedia.org/wiki/Denial-of-service_attack



How DDoS Attacks Work
Credit to US-CERT


In a distributed denial-of-service (DDoS) attack, an attacker may use your computer to attack another computer. By taking advantage of security vulnerabilities or weaknesses, an attacker could take control of your computer. He or she could then force your computer to send huge amounts of data to a website or send spam to particular email addresses. The attack is "distributed" because the attacker is using multiple computers, including yours, to launch the denial-of-service attack.

The actual DDoS attack works in a similar way to the DoS attack. The attack is executed the same way (although your computer is infected as part of the hacker's botnet) but because its done on such a large scale, it can bring down major websites.



How to DoS Attack


We will be covering how to DoS attack in this tutorial, we will only use command prompt.

First off, get the IP Address of the website. You can do this by looking it up on a website such as DomainTrakker.com.

Here are the steps:
1. Open CMD (command prompt) by going into the Start menu, selecting Run and typing in CMD.

2. Get the IP of the website you wish to DoS, in this example we are using this:
Code:
59.12.182.71
(random IP)

3. So you would type this in your CMD: 
Code:
ping 46.17.100.40 -t -l 14000
(The higher the longer & The more damage done) 

4. You have sucesfully DoS'd your target! Just allow it to finish, it may take a while.

Some things to note:
  • DoSing is a form of illegal hacking.
  • Its rare that a DoS attack from a single computer will be effective, on major sites, it may not even cause any lag.
  • You may need to use a DDoS attack. You can either cooperate and DDoS together, manually using command prompt, or advanced hackers can force other computers (who he has added to his "botnet") to attack simultaneously. See this diagram:http://www.pc1news.com/articles-img/...k-Diagram5.jpg

I will not teach you how to attack personal computers and create a botnet, that is highly illegal and no good will come of it.

1 comment:

  1. Been using AVG Anti virus for many years now, I'd recommend this Antivirus to everybody.

    ReplyDelete