Probably, many modern users of computers and the Internet have heard of the presence of DDoS attacks carried out by attackers in relation to any sites or servers of large companies. Let's see what a DDoS attack is, how to do it yourself and how to defend against such actions.
What is a DDoS attack?
To begin with, perhaps it’s worth understanding what such illegal actions are. We will make a reservation right away that when considering the topic “DDoS attack: how to do it yourself,” the information will be provided for information only, and not for practical use. All actions of this kind are criminally punishable.
The attack itself, by and large, is the sending of a sufficiently large number of requests to the server or site, which, when the limit of calls is exceeded, blocks the operation of the web resource or the service of the provider in the form of shutting down the server with security software, firewalls or specialized equipment.
It is clear that a do-it-yourself DDoS attack cannot be created by one user from one computer terminal without special programs. In the end, well, he won’t sit all day and night and send requests to the attacked site every minute. This number will not work, because each provider provides protection against DDoS attacks, and one user is not able to provide such a number of requests to the server or site that would exceed the limit of calls in a short time and cause the operation of various protective mechanisms. So to create your own attack you have to use something else. But more on that later.
Why is there a threat?
If you understand what a DDoS attack is, how to make it and send an excess number of requests to the server, it is worth considering the mechanisms by which such actions are performed.
This may be unreliable firewalls that are unable to cope with a huge number of requests, gaps in the provider’s security system or in the "OSes" themselves, lack of system resources to process incoming requests with further system freezing or crashing, etc.
At the dawn of the occurrence of such a phenomenon, a DDoS attack was mainly carried out with one's own hands mainly by the programmers themselves, who created and tested the functionality of the protection systems with its help. By the way, at one time even the IT giants such as Yahoo, Microsoft, eBay, CNN and many others suffered from the actions of attackers who used DoS and DDoS components as weapons. The key point in those situations was the attempt to eliminate competitors in terms of restricting access to their Internet resources.
In general, modern electronic businessmen are doing the same. For this, a program for DDoS attacks is simply downloaded, and then, as they say, a matter of technology.
Types of DDoS Attacks
Now a few words about the classification of attacks of this type. The main thing for everyone is to disable the server or site. The first type includes errors associated with sending incorrect instructions to the server for execution, as a result of which its operation terminates abnormally. The second option is the mass sending of user data, leading to an endless (cyclic) check with an increase in the load on system resources.
The third type is flood. As a rule, this is a task of incorrectly formed (meaningless) requests to a server or network equipment in order to increase the load. The fourth type is the so-called clogging of communication channels with false addresses. An attack can also be used, leading to the fact that the configuration in the computer system itself changes, which leads to its complete inoperability. In general, you can list for a long time.
DDoS attack on the site
Typically, such an attack is associated with a specific hosting and is directed exclusively to one predefined web resource (in the example in the photo below it is conventionally designated as example.com).
If there are too many accesses to the site, a communication failure occurs due to the blocking of communication not by the site itself, but by the server part of the provider service, or rather, not even by the server or security system, but by the support service. In other words, such attacks are aimed at ensuring that the hosting owner receives a denial of service from the provider if a certain contractual traffic limit is exceeded.
DDoS attack on the server
As for server attacks, here they are not aimed at any particular hosting, but specifically at the provider that provides it. And it doesn’t matter that site owners can suffer because of this. The main victim is the provider.
Application for organizing DDoS attacks
Here we come to understand what a DDoS attack is. How to do it with the help of specialized utilities, we now understand. Immediately, we note that applications of this type are especially classified and are not. On the Internet they are available for free download. For example, the simplest and most well-known program for DDoS attacks called LOIC is freely available on the World Wide Web for download. With its help, you can attack only sites and terminals with pre-known URL and IP addresses.
How to get at our disposal the IP address of the victim, for ethical reasons, we will not consider now. We proceed from the fact that we have initial data.
To run the application, the Loic.exe executable file is used, after which the source addresses are entered in the upper two lines on the left side, and then two “Lock on” buttons are pressed - a little to the right opposite each line. After that, the address of our victim will appear in the window.
Below there are sliders for regulating the speed of request transmission for TCP / UDF and HTTP. By default, the value is set to "10". Increase to the limit, and then press the large "IMMA CHARGIN MAH LAZER" button to start the attack. You can stop it by pressing the same button again.
Naturally, one such program, which is often called the “laser gun”, will not work for any serious resource or provider, since the protection against DDoS attacks is quite powerful there. But if a group of people use a dozen or more of these guns at the same time, you can achieve something.
DDoS Protection
On the other hand, anyone trying to attempt a DDoS attack should understand that there are no fools on the “other” side either. They can easily calculate the addresses from which such an attack is carried out, and this is fraught with the most sad consequences.
As for ordinary hosting owners, usually the provider immediately provides a package of services with appropriate protection. There can be a lot of means to prevent such actions. This is, say, redirecting an attack to an attacker, redistributing incoming requests to several servers, filtering traffic, duplicating protection systems to prevent their false triggering, increasing resources, etc. By and large, there is nothing for the ordinary user to worry about.
Instead of an afterword
It seems that from this article it becomes clear that it will not be difficult to make a DDoS attack yourself if you have special software and some initial data. Another thing - is it worth it to do, and even an inexperienced user who decided to indulge, so, for the sake of sports interest? Everyone should understand that his actions in any case will cause the application of retaliatory measures by the attacked side, and, as a rule, not in favor of the user who launched the attack. But, according to the Criminal Codes of most countries, for such actions you can get, as they say, in places not so distant for a couple of years. Who wants this?