(Off-Topic) DDOS

I was catching up on tech/app/web news and I read a story about a group called DERP (@DeroTrolling on twitter) that has been taking down major websites including Steam and EA using DDOS attacks. I’m curious if any of you know what a DDOS is / What it does to take down the servers

Something bad. Beats me.
Edit: JK. Look here

Have you heard of the group “Anonymous”? They dont get into the news anymore, but they used DDOS attacks to overload servers and blocking access. The most common way to DDOS a site (server more likely), they use a tool called a “Network Stress Tester” which amplifies the strain on a server. They coordinate attacks from their million or so followers and take down servers/sites for Cyber Activism(also known as “Hacktivists”)
Edit This will explain better:

http://lmgtfy.com/?q=Anonymous

Source: I may or may not be a member of Anonymous

@Zoyt, i probably should have googled first…

Anyways, I just tried this on my site to see how vulnerable it was and it worked after only about 1300 requests (less than 5 minutes)…

EDIT: Code removed just in case. If you want to see it, ask and I might share.

@JakAttak,

(Sorry, I’m too lazy to put them in order :p)

  1. Yes, DDOS attacks are illegal, thats why Anonymous members could be arrested

  2. You never know on the internet, even here,sorry, but It’s the cold hard truth

  3. High stress handling levels to stop the attacks, but the attackers can only be stopped by prying them from their computers, but even then it’s tricky bc they might have already started, or you can cause a social uprising and cause hundreds more attacks
    :stuck_out_tongue: :stuck_out_tongue: :stuck_out_tongue:

  1. Indeed… Still, we have a great community here

  2. I did some Wikipedia, and as far as i can tell from this, it is only illegal if you do it to a ‘protected computer’ Edit: Nevermind, re-read thats only in theory

  3. Well actually… http://www.business.att.com/enterprise/Service/network-security/threat-vulnerability-management/ddos-protection/

Did your site crash/Not work?

@CodeaNoob, yup. It’s still down.

Then it’s a DDOS attack. These things are powerful, so be careful. Visa and Paypal both got shutdown by DDOS attacks 2-3 years ago I believe. I would take the code down, just so no one decides to try and strain the forums!
:stuck_out_tongue:

@CodeaNoob

Well it’s actually only a DoS attack because it’s from only one source…

  1. I hope no one around here is that kind of person - these forums do not deserve to be harrased!

  2. Is it not illegal to use a DoS attack on others?

  3. Im wondering if there are ways to stop them (If so im sure Simeon and the TLL gang have some counter-measures in place)

Anyways, I took it down.

A lot of hackers in the past have used tools such as the funkily named ‘Low Orbit Ion Cannon’ (LOIC) to mount co-ordinated attacks on webservers. (Google it for more info).

It appears to be quite a primitive tool that basically fires TCP/UDP packets en-mass at a site to bring it down. Although, these days most Firewalls can pretty much block such crude attacks.

I’ve never quite understood why this tool hasn’t been banned to be honest and is freely available as OpenSource - very odd. :-/

DDOS’s are actually highly illegal, especially if you target a business website i.e. paypal/amazon because then you are stopping someone from making money which they would have done… There are many tools around and exploits that can do this but most are patched on big servers like twitter and Facebook. I don’t see why anyone on this forum would feel the need for it but the protection isn’t too hard to find. @andymac3d It’s classed as an educational tool :confused:

When @Briarfox and I were working on the chat room, I was testing updating and requesting data from Briarfox’s server more frequently and (multiple times) caused an accidental DDoS attack.

@SkyTheCoder, interesting. Actually, seeing as how you request every second, im surprised the server handles multiple people doing that without crashing

But why would someone dos the forums? To annoy us and ttl cause they loose sales if there’s no support forum?

Someone who holds a grudge against the forums, against the community, against the app, or even against TLL, might do it as ‘revenge’ I suppose.

Honestly, I took it down less for fear of someone using it against the forums, but more for the fear of someone using my code to do something bad to someone else.

@JakAttak Noobatcoding REALLY hates the community. Especially those who reported and complained about him. We removed pretty much everything he posted, well, it was inappropriate and we were even forced to delete him with how bad he was to everyone

@JakAttak the forum is being mentioned a lot when I was reading this, yes the forum being down annoys us but I fought that’s not the least of the worrys. They can attack major websites