DDOS Handbook
Highlights
5 Attack Tools
Quote
Slowloris, a tool developed by a gray hat hacker who goes by the handle “RSnake,” is able to create a denial-of-service condition for a server by using a very slow HTTP request. By sending HTTP headers to the target site in tiny chunks as slow as possible (waiting to send the just before the server would time out the request), the server is forced to continue to wait for the headers to arrive. If enough connections are opened to the server in this fashion, it is quickly unable to handle legitimate requests. 21
Quote
R U Dead Yet? (R.U.D.Y.).
Quote
Named after a Children of Bodom album, R.U.D.Y. achieves denial of service by using long-form field HTTP POST submissions rather than HTTP headers, as Slowloris does.
Quote
By injecting one byte of information into an application POST field at a time and then waiting, R.U.D.Y. causes application threads to await the end of never-ending posts in order to perform processing (this behavior is necessary in order to allow Webservers to support users with slower connections). Since R.U.D.Y. causes the target Webserver to hang while waiting for the rest of a request, a user is able to create many simultaneous connections to the server—ultimately exhausting the server’s connection table and causing a denial-of-service condition.
Note
WebSockets maybe?
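Defender-side detection logic for the two slow-connection patterns the quotes above describe (Slowloris trickling headers, R.U.D.Y. trickling a POST body), added here as an example; it is not code from the handbook. The Conn record fields, the thresholds and the snapshot data are assumptions constructed for the example.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Optional


@dataclass
class Conn:
    """One row of a (constructed) server connection-table snapshot."""
    src: str            # client address
    age_s: float        # seconds since the connection was accepted
    bytes_in: int       # application-layer bytes received from the client so far
    headers_done: bool  # True once the full request header block has arrived
    body_pending: int   # declared body bytes still missing (0 if none expected)


# Assumed thresholds; tune to the real server's timeouts and traffic profile.
HEADER_DEADLINE_S = 20.0   # a complete header block is expected well inside this
BODY_MIN_RATE_BPS = 50.0   # a POST body arriving slower than this is trickling
MAX_SLOW_PER_SRC = 3       # more slow connections than this from one source is hostile


def classify(c: Conn) -> Optional[str]:
    """Label a connection 'slow-headers' (Slowloris), 'slow-body' (R.U.D.Y.) or None."""
    if not c.headers_done and c.age_s > HEADER_DEADLINE_S:
        return "slow-headers"            # headers still incomplete long after accept
    if c.headers_done and c.body_pending > 0 and c.age_s > HEADER_DEADLINE_S:
        rate = c.bytes_in / c.age_s      # average inbound rate over the connection's life
        if rate < BODY_MIN_RATE_BPS:
            return "slow-body"           # POST body dribbling in a byte at a time
    return None


def find_offenders(conns) -> dict:
    """Map source address -> number of slow connections, for sources over the cap."""
    slow = Counter(c.src for c in conns if classify(c) is not None)
    return {src: n for src, n in slow.items() if n > MAX_SLOW_PER_SRC}


# Constructed snapshot: one source trickling headers on five connections, one
# trickling POST bodies on four, plus legitimate traffic (including a slow but
# healthy large upload) that must not be flagged.
SNAPSHOT = (
    [Conn("198.51.100.7", 95.0, 60 + i, False, 0) for i in range(5)]
    + [Conn("203.0.113.9", 120.0, 40, True, 100_000) for _ in range(4)]
    + [
        Conn("192.0.2.20", 0.4, 512, True, 0),                  # normal GET, complete
        Conn("192.0.2.21", 60.0, 4_000_000, True, 2_000_000),   # fast large upload
    ]
)
```

Sources returned by find_offenders are candidates for a per-source connection cap or an early header/body timeout, which is the mitigation the connection-table exhaustion described above calls for.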
Quote
Using a SQL injection, RefRef allows an attacker to cause a denial-of-service condition for a target server by forcing it to use a special SQL function (which allows for the repeated execution of any other SQL expression). This constant execution of a few lines of code consumes the target server’s resources, resulting in denial of service. Unlike LOIC or HOIC, RefRef does not require a vast number of machines to take down a server due to the nature of its attack. 22
Note
Ohhhhh
Quote
If the server’s backend uses SQL and is vulnerable, only a few machines are needed to cause significant outage.
Quote
outages for minutes at a time, and requiring only 10 to 20 seconds of a single machine running RefRef.
Quote
Botnets are large collections of compromised computers, often
Note
If I wanted to run something like RefRef but using a botnet, what kind of algorithm would be useful to make the attack as efficient as a botnet spamming a whole bunch of junk TCP packets? What about UDP? Needs more research.
Quote
Botnet owners, or “herders,” are able to control the machines in the botnet by means of a covert channel, such as IRC, issuing commands to perform malicious activities. Such activities may include distributed denial-of-service (DDoS) attacks, distribution of spam mail and information theft.
6 Enterprise Security: Then and Now
Quote
enterprises have extended IT infrastructure to the public cloud, deploying new applications in the cloud or using it for disaster recovery, they now face the need to protect applications in the cloud as well as private data centers. This renders traditional security technologies inadequate and enterprises must build multiple skill sets and maintain a new set of management tools.
Note
DevOps!
Quote
Content delivery network (CDN) solutions present new vulnerabilities, with hackers asking for dynamic content to
Quote
There is a real need for an automated central command and control system that manages all the tools by receiving ongoing information from all detection tools at all times—automatically controlling the mitigation process. Such a system would provide complete
Note
Could I build this?
10 DDoS Dictionary
Quote
Domain Name System (DNS) is the protocol used to resolve domain names into IP addresses; its underlying protocol is UDP, taking advantage of fast request and response