Denial of Service Attack
From Walrus Wiki
A Denial of Service Attack is an attack on a computer resource (usually a server) to make it unavailable to it's users.
Contents |
Factors
For a Denial of Service Attack to be efficient to the attacker, the attacker must first gain information regarding the server's functionality, including:
- Server type (Shared, VPS, dedicated, etc.)
- CPU Quota
- Bandwidth
Methods
Denial of Service Attacks operate by flooding the server with various requests, depending on the method.
HTTP Flooding
HTTP Flooding is the process of sending massive amounts of HTTP packets (GET is likely more efficient) to the targeted server, simulating massive amounts of traffic, and therefor makes the server extremely slow. Flooding static pages such as .html is unwise, as .php, .cgi, etc, pages require CPU usage and therefor moar efficient attacks. We've had the most success with HTTP flooders such as pygetraep, unfortunately, many newfags use Windoze rather then Mac or Ubuntu.
TCP Flooding
TCP Flooding, unlike HTTP Flooding, works by using up all available connections the server can handle, so that when a legit visitor contacts the server, the server cannot read the request as it's tied up with all the attacker's requests.
TL;DR
Software
There are many types of software that could be used for Denial of Service Attacks. #iamthewalrus rarely uses Low Orbit Ion Cannon, even though in many raids, they appear to have no effect on the server. While LOIC cannot be used on UNIX type Operating Systems (Ubuntu, Mac, CentOS), a much more effective script is available for UNIX systems (including servers), pygetraep. Sometimes, you can just use a page refresher to DDoS small sites. Just remember, STAY ANON.
| ||||||||
| |||||||||||
