DoS, DDoS and DRDoS attack by 27bytes/Whackerz

1. Disclaimer
2. Introduction
3. ICMP attacks
4. Smurf attacks
5. SYN flooding
6. DRDoS

Written by: 27bytes

1. Disclaimer

I'm not responsible for what you will do with the information that this tutorial contains. This is for educational purposes only. I don't care if you do something stupid like DoSing someone's computer. Almost forgot: I don't care about typos, I just made a cheap spelling and grammar check, so please don't complain.

2. Introduction

DoS stands for Denial of Service. It is an attack known to almost everyone who is involved with hacking or cracking. A DoS attack is an attack that prevents someone from using a service, for example crashing the HDD so the victim can't use the computer. DoS is very old, but around the year 2000 "DDoS attacks" were in every IT paper; they brought down several huge web servers like Yahoo, CNN, Amazon, GRC etc.

DDoS stands for Distributed Denial of Service. The only difference is that DoS comes from one single computer and DDoS comes from many. For example, a hacker cracks into a couple of home computers, let's say 30 computers, and installs DDoS servers on every one of them; he/she can then launch DoS attacks from all those computers. With me? Good.

3. ICMP attacks

The ICMP attack is an old one. ICMP stands for Internet Control Message Protocol, by the way :=) ICMP packets are used to see if a host is alive. If the ICMP packets are too large, the host will slow down or eventually crash. So how do you launch ICMP attacks? Easy, you can use MS-DOS: you just have to write this in your MS-DOS prompt: "ping -l 65000 -t". 65000 is the size of the packet (obviously).

4. Smurf attacks

It doesn't require a lot to launch a smurf attack; you have to understand the principle of TCP/IP. For example, if I send ICMP_ECHO packets to a host, the host will respond with ICMP packets. But let's say I spoof my IP and send ICMP_ECHO packets to an amplifier network: then my spoofed IP will receive large amounts of ICMP packets, and you can figure out what will happen.

rurf.c is a good utility for smurfing; you use it like this: "./rurf ". You can find smurf amplifiers at http://www.powertech.no/smurf/ and http://www.netscan.org.

5. SYN flooding

To understand this you need some basic knowledge about TCP/IP.

    SYN packet      Client---------------->Server
    SYN/ACK packet  Client<---------------Server(connection established)
    ACK packet      Client---------------->Server(established)

After that the client has established a connection with the host and sends data. Almost forgot, this is called the basic TCP 3-way handshake. To reset the connection they have to send RST packets. So SYN flooding is basically opening a lot of useless connections to a host. This can result in taking up all the system memory or eventually a crash.

6. DRDoS

DRDoS stands for Distributed Reflection Denial of Service: simple ACK flooding. It means creating a lot of SYN connections with a spoofed IP to many hosts, and they will respond with ACK packets. That means that my spoofed IP will receive large amounts of ACK packets.
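
Seen from the defending side, sections 5 and 6 leave two different traces at the target: handshakes that never receive the final ACK, and handshake replies (SYN/ACK in TCP terms) to connections the host never opened. The Python below is an added example, not part of the original tutorial; the addresses, the packet tuples and the thresholds are constructed for illustration.

```python
from collections import Counter

LOCAL = "192.0.2.10"  # constructed: the monitored host (documentation address)
# Constructed capture: (src, sport, dst, dport, flags); S=SYN SA=SYN/ACK A=ACK R=RST
PACKETS = [
    # one complete three-way handshake from a real client
    ("198.51.100.5", 40000, LOCAL, 80, "S"),
    (LOCAL, 80, "198.51.100.5", 40000, "SA"),
    ("198.51.100.5", 40000, LOCAL, 80, "A"),
    # an outbound connection LOCAL opened itself, and its solicited reply
    (LOCAL, 50000, "198.51.100.9", 443, "S"),
    ("198.51.100.9", 443, LOCAL, 50000, "SA"),
]
# SYNs that never complete the handshake (section 5)
PACKETS += [("203.0.113.%d" % i, 1024 + i, LOCAL, 80, "S") for i in range(1, 6)]
# handshake replies from hosts LOCAL never contacted (section 6, victim's view)
PACKETS += [("198.51.100.%d" % i, 80, LOCAL, 6000 + i, "SA") for i in range(20, 24)]


def analyze(packets, local):
    """Count half-open inbound handshakes and unsolicited SYN/ACKs at `local`."""
    pending = set()       # inbound SYNs still waiting for the client's ACK
    sent_syn = set()      # (remote, rport, lport) of SYNs that local sent
    reflectors = Counter()
    for src, sport, dst, dport, flags in packets:
        if dst == local and flags == "S":
            pending.add((src, sport, dport))
        elif dst == local and flags in ("A", "R"):
            pending.discard((src, sport, dport))   # completed or reset
        elif src == local and flags == "S":
            sent_syn.add((dst, dport, sport))
        elif dst == local and flags == "SA" and (src, sport, dport) not in sent_syn:
            reflectors[src] += 1                   # reply to a request never made
    return {"half_open": len(pending), "unsolicited": sum(reflectors.values()),
            "reflectors": sorted(reflectors)}


def verdict(stats, half_open_limit=3, unsolicited_limit=3):
    """Apply illustrative thresholds; real limits depend on normal traffic."""
    alerts = []
    if stats["half_open"] > half_open_limit:
        alerts.append("possible SYN flood")
    if stats["unsolicited"] > unsolicited_limit:
        alerts.append("possible reflection target")
    return alerts


if __name__ == "__main__":
    print(analyze(PACKETS, LOCAL), verdict(analyze(PACKETS, LOCAL)))
```

Handshakes still pending at the end of the capture are counted as half-open here; a live monitor would age them out with a timeout instead.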