Denial of Service in Depth - A Hacker's Life Starter: Security Penetration Anywhere & Anytime (2014)

Chapter 7. Denial of Service in Depth

We will cover:

* What is Denial of Service

* How DoS works

* Building a DoS attack

* DoS on the DNS

Did you like to crush things when you were a kid? And when you got older, did things go digital so that it became impossible to do so? Here I will present DoS to you, to make your old dream come true again.

What is Denial of Service

DDoS stands for “Distributed Denial of Service.” A DDoS attack is a malicious attempt to make a server or a network unreachable to its clients, usually by temporarily slowing down or taking down the services of a host.

Specific DoS Attacks Types:

* UDP Flood

* ICMP Flood

* Ping of Death

* Slowloris

* Zero-day DDoS

How DoS works

A lot of people might think that DDoS is about cracking security or changing private information. For example, an email Denial of Service attack is not about hacking the user's email but about preventing him from checking, receiving or sending mail. It works as you have probably already guessed: by sending masses of requests continuously.

With this, the service/server either becomes slow or crashes. What is really happening is that either the system can't figure out which packets are real, or, even if it can, handling all of them slows the system down so that it cannot process them in time.

Limitations of DoS

These days services are really strong and clever. For example, a service might be getting many good packets from many other devices while one device is sending far more packets than a device normally does. When that happens, the attack gets stopped.

Sometimes, even when the DDoS manages to put the service/server down, it goes back up after a few moments.

Another limitation: if only one attacker is attacking a website and that website has a lot of traffic, it would be almost impossible, because so many people are sending their packets that they get in your way and interfere with everything.
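The first limitation above, seen from the service's side, as an added example that is not from the book: a sliding-window counter that flags the one source sending far more packets than the others. The log format, window length, thresholds and addresses are assumptions, and the traffic is constructed.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10   # assumed sliding-window length
FACTOR = 5            # assumed: flag a source above 5x the median peak
MIN_PACKETS = 50      # assumed floor so quiet periods never trigger


def parse(line):
    """Parse one constructed log line: '<epoch_seconds> <src_ip> <dst_port>'."""
    ts, src, port = line.split()
    return float(ts), src, int(port)


def find_outliers(lines):
    """Return {src: peak packets per window} for sources far above the median."""
    windows = defaultdict(deque)   # src -> timestamps inside the current window
    peak = defaultdict(int)        # src -> highest count seen in any window
    for ts, src, _port in map(parse, lines):
        q = windows[src]
        q.append(ts)
        while q and q[0] <= ts - WINDOW_SECONDS:
            q.popleft()            # expire packets older than the window
        peak[src] = max(peak[src], len(q))
    counts = sorted(peak.values())
    median = counts[len(counts) // 2] if counts else 0
    limit = max(MIN_PACKETS, FACTOR * median)
    return {s: c for s, c in peak.items() if c > limit}


def sample_log():
    """Constructed traffic: 20 normal clients and one heavy sender."""
    lines = []
    for i in range(20):                    # normal: 1 packet every 2 s for 60 s
        for t in range(0, 60, 2):
            lines.append(f"{1000 + t + i / 100:.2f} 192.0.2.{i + 1} 80")
    for n in range(3000):                  # heavy: 100 packets/s for 30 s
        lines.append(f"{1010 + n / 100:.2f} 198.51.100.7 80")
    return sorted(lines, key=lambda l: float(l.split()[0]))


if __name__ == "__main__":
    for src, count in find_outliers(sample_log()).items():
        print(f"{src}: {count} packets in a {WINDOW_SECONDS}s window")
```

Comparing against the median rather than a fixed number keeps a busy but legitimate period from flagging every client at once.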

Building a DoS Attack

First you need to find a service that you can target, something with open ports for example. Services that support open connections include:

* Web servers

* Email servers

* DNS servers

Also look for connections that don't have a limit. To find out whether it has no limit, send packets to see how much it can hold, or send a lot of email attachments into their system. And if, let's say, you don't have a specific target, you can just flood it like we will do, but it takes more flooding and more connections to do it.

Setting up the tools

1. I will be using Advanced Port Scanner for this exercise. I found mine for free on Google; go ahead, take a look, download it and install it (see Figure 7-1).

Figure 7-1. Advanced Port Scanner during the installation process.

It scans the network and shows you all the devices that are on the network. Here, on my network, I found a machine with a server and with its open ports (see Figure 7-2).

Figure 7-2. Advanced Port Scanner in action, scanning ports.

2. Okay, so now that we have the system (router) and the port, I'll set up the second tool, called Low Orbit Ion Cannon (LOIC). It's open source software and can be downloaded at: sourceforge.net/projects/loic/ (see Figure 7-3).

Figure 7-3. This is how LOIC looks when it's running.

3. Now, in the IP field, I'm going to fill in the IP of the server I found, and then click on Lock on.

4. Fill in the port field a port that.

5. Also change the method field to TCP, and click on IMMA CHARGIN MAH LAZER to mount the attack; the Requested counter will quickly start increasing.

With this, the server either starts getting slower as it uses up many resources, or it is defending itself from this kind of attack.

6. Now click stop, change the port to another open port, drag the slider in the TCP/UDP message area to make it slow, to confuse the server's attempts to defend itself, and hit IMMA CHARGIN MAH LAZER again.

Now it's up to you to set up a few computers, maybe eight or ten, with LOIC installed on them doing the same thing on the same port.

After a few moments of flooding, try pinging the router in cmd. If you get Request timed out, that means the router might be down.

DoS On a DNS

DNS is actually an IP address simplified into words and letters, which makes it easier for someone to use than the IP address, for example www.test.com. Here, I will show you how to DDoS any website using its DNS name. As complicated as it may sound, all that it really takes is some knowledge of how to work with CMD.

1. Okay, so now start the Windows version that you're using. I'll be using Windows 7. Run Notepad.

2. In notepad write down these couple of lines:

color a

title DDOS sitename.com

ping www.sitename.com -t -l 20000

3. Save this text file as a .BAT file.

4. Now go to the folder where you saved the file and run this file multiple times. You'll end up with many CMD windows pinging (flooding) the site.

Sometimes it may give you Request timed out, but that's not a big deal.

But if it keeps giving you “Request timed out” and no reply from the site at all, that means the site is really big and difficult to put down, or you really need some powerful computers to get some replies.

Here, I'll show you that I have 160 bat files opened and running, and that's it (see Figure 7-4)!

Figure 7-4. Here I'm showing you how I have 156 cmd windows opened, DDoSing my website.

5. Don't close the command prompts; leave them working for an hour or even more (the bigger the site, the more time it takes). While the command prompts are running, keep refreshing the site to see if it's still up; eventually, after a few moments, it will be down.

A tip to make sure the site goes down, and faster, is to do this trick of opening many command prompts on multiple computers. The more computers you have, the better.
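The receiving side of the ping flood above, as an added example that is not from the book: a filter that drops ICMP echo requests above a size cap and rate-limits the rest per source, which is one reason a sender sees "Request timed out". The cap, rate, burst size and addresses are assumptions, and the traffic is constructed.

```python
from collections import defaultdict

MAX_PAYLOAD = 1472   # assumed cap: echo payload that fits one 1500-byte frame
RATE = 5.0           # assumed: echo requests refilled per second per source
BURST = 10.0         # assumed token bucket size


class EchoFilter:
    """Payload size cap plus a per-source token bucket for echo requests."""

    def __init__(self):
        self.tokens = defaultdict(lambda: BURST)
        self.last = {}

    def decide(self, ts, src, payload_len):
        if payload_len > MAX_PAYLOAD:
            return "drop-oversized"          # never costs a token
        elapsed = ts - self.last.get(src, ts)
        self.last[src] = ts
        self.tokens[src] = min(BURST, self.tokens[src] + elapsed * RATE)
        if self.tokens[src] < 1.0:
            return "drop-rate"
        self.tokens[src] -= 1.0
        return "accept"


def run(events):
    """Return {src: {decision: count}} for (timestamp, src, payload_len) events."""
    flt = EchoFilter()
    tally = defaultdict(lambda: defaultdict(int))
    for ts, src, size in events:
        tally[src][flt.decide(ts, src, size)] += 1
    return {src: dict(counts) for src, counts in tally.items()}


def sample_events():
    """Constructed 10 seconds of echo requests from three sources."""
    events = []
    for sec in range(10):
        events.append((float(sec), "192.0.2.10", 32))         # monitor: 1/s, 32 bytes
        for w in range(160):                                   # 160/s of 20000 bytes
            events.append((sec + w / 160, "198.51.100.7", 20000))
        for k in range(50):                                    # 50/s of 32 bytes
            events.append((sec + k / 50, "203.0.113.9", 32))
    return sorted(events)


if __name__ == "__main__":
    for src, counts in run(sample_events()).items():
        print(src, counts)
```

The once-per-second monitoring ping is never affected, while the 20000-byte requests are dropped on size alone and the small but fast sender is held to the refill rate.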

Small summary ahead

* A DDoS attack is a malicious attempt to make a server or a network unreachable to its clients, usually by temporarily slowing down or taking down the services of a host.

* Sometimes, even when the DDoS manages to put the service/server down, it goes back up after a few moments.

* When you are about to DoS something, find a network with open ports.

* Advanced Port Scanner is software for port scanning in the network.

* DNS is actually an IP address simplified into words and letters.