The denial of service (DOS) attack is one of the most powerful attacks used by hackers to harm a company or organization. Don’t confuse a DOS attack with DOS, the disc operating system developed by Microsoft. This attack is one of most dangerous cyber attacks. It causes service outages and the loss of millions, depending on the duration of attack. In past few years, the use of the attack has increased due to the availability of free tools. This tool can be blocked easily by having a good firewall. But a widespread and clever DOS attack can bypass most of the restrictions. In this post, we will see more about the DOS attack, its variants, and the tools that are used to perform the attack. We will also see how to prevent this attack and how not to be the part of this attack.
What Is a Denial of Service Attack?
A DOS attack is an attempt to make a system or server unavailable for legitimate users and, finally, to take the service down. This is achieved by flooding the server’s request queue with fake requests. After this, server will not be able to handle the requests of legitimate users.
In general, there are two forms of the DOS attack. The first form is on that can crash a server. The second form of DOS attack only floods a service.
DDOS or Distributed Denial of Service Attack
This is the complicated but powerful version of DOS attack in which many attacking systems are involved. In DDOS attacks, many computers start performing DOS attacks on the same target server. As the DOS attack is distributed over large group of computers, it is known as a distributed denial of service attack.
To perform a DDOS attack, attackers use a zombie network, which is a group of infected computers on which the attacker has silently installed the DOS attacking tool. Whenever he wants to perform DDOS, he can use all the computers of ZOMBIE network to perform the attack.
In simple words, when a server system is being flooded from fake requests coming from multiple sources (potentially hundreds of thousands), it is known as a DDOS attack. In this case, blocking a single or few IP address does not work. The more members in the zombie network, more powerful the attack it. For creating the zombie network, hackers generally use a Trojan.
There are basically three types of DDOS attacks:
Application-layer DDOS attack
Protocol DOS attack
Volume-based DDOS attack
Application layer DDOS attack: Application-layer DDOS attacks are attacks that target Windows, Apache, OpenBSD, or other software vulnerabilities to perform the attack and crash the server.
Protocol DDOS attack: A protocol DDOS attacks is a DOS attack on the protocol level. This category includes Synflood, Ping of Death, and more.
Volume-based DDOS attack: This type of attack includes ICMP floods, UDP floods, and other kind of floods performed via spoofed packets.
There are many tools available for free that can be used to flood a server and perform an attack. A few tools also support a zombie network to perform DDOS attacks. For this post, we have compiled a few freely available DOS attacking tools.
Free DOS Attacking Tools
1. LOIC (Low Orbit Ion Canon)LOIC is one of the most popular DOS attacking tools freely available on the Internet. This tool was used by the popular hackers group Anonymous against many big companies’ networks last year. Anonymous has not only used the tool, but also requested Internet users to join their DDOS attack via IRC.
It can be used simply by a single user to perform a DOS attack on small servers. This tool is really easy to use, even for a beginner. This tool performs a DOS attack by sending UDP, TCP, or HTTP requests to the victim server. You only need to know the URL of IP address of the server and the tool will do the rest.
You can see the snapshot of the tool above. Enter the URL or IP
address and then select the attack parameters. If you are not sure, you
can leave the defaults. When you are done with everything, click on the
big button saying “IMMA CHARGIN MAH LAZER” and it will start attacking
on the target server. In a few seconds, you will see that the website
has stopped responding to your requests.
This tool also has a HIVEMIND mode. It lets attacker control
remote LOIC systems to perform a DDOS attack. This feature is used to
control all other computers in your zombie network. This tool can be
used for both DOS attacks and DDOS attacks against any website or
server.
The most important thing you should know is that LOIC does
nothing to hide your IP address. If you are planning to use LOIC to
perform a DOS attack, think again. Using a proxy will not help you
because it will hit the proxy server not the target server. So using
this tool against a server can create a trouble for you.
Download LOIC Here: http://sourceforge.net/projects/loic/
2. XOIC
XOIC is another nice DOS attacking tool. It performs a DOS attack an any
server with an IP address, a user-selected port, and a user-selected
protocol. Developers of XOIC claim that XOIC is more powerful than LOIC
in many ways. Like LOIC, it comes with an easy-to-use GUI, so a beginner
can easily use this tool to perform attacks on other websites or
servers.
In general, the tool comes with three attacking modes. The
first one, known as test mode, is very basic. The second is normal DOS
attack mode. The last one is a DOS attack mode that comes with a
TCP/HTTP/UDP/ICMP Message.
It is an effective tool and can be used against small websites.
Never try it against your own website. You may end up crashing your own
website’s server.
Download XOIC: http://sourceforge.net/projects/xoic/
3. HULK (HTTP Unbearable Load King)
HULK is another nice DOS attacking tool that generates a unique
request for each and every generated request to obfuscated traffic at a
web server. This tool uses many other techniques to avoid attack
detection via known patterns.
It has a list of known user agents to use randomly with
requests. It also uses referrer forgery and it can bypass caching
engines, thus it directly hits the server’s resource pool.
The developer of the tool tested it on an IIS 7 web server with 4 GB RAM. This tool brought the server down in under one minute.
Download HULK here: http://packetstormsecurity.com/files/112856/HULK-Http-Unbearable-Load-King.html
