Hacker, Researcher and Author.

DDOS Attacks In 2012


2011 has been the year where massive DDOS attacks tooks place and most of them were directed by a group of hacktivists called Anonymous and lulzsec. DDOS attacks have totally moved from layer 4 to layer 7 as in layer 4, A hacker would need thousands of computers to attack a single server, where as in Layer 7 DDOS a hacker can easily take down a server with a single computer provided that if it's vulnerable. For those of you who don't know a DOS attack is a method of exhausting a server's resources and compromising it's availability.

Apache Killer



Apache killer is a DDOS/DOS tool written in Perl which sends HTTP GET REQUESTS with multiple byte ranges, These byte ranges occupy a wide variety of portions in the memory space which when abused causes Apache to malfunction.

It was introduced in almost middle of the year 2011, where half of the internet was left vulnerable. And the DOS attacks towards apache were increased by more than 200%. However a patch was released soon after the tool was introduced in the wild. You can read more about apache killer in the following post Zero day Dos vulnerability in Apache.

SlowLoris


Slowloris was also witnessed in the wild, however the intensity of this tool was pretty less then apache killer. Slowloris abuses handling of HTTP request headers

R-U-Dead-Yet


Where in 2011 Apache killer was seen to attack Apache webservers, A tool named R-U-Dead-Yet was also witnessed in wild exploiting HTTP Post Request in order to attack a IIS server. It implements DOS attack via long field submissions.

LOIC


With Apache killer and other tools getting patched on the server side, it was really difficult for the hacktivists to exploit big targets?, So how did they do so?. They used a famous tool called Low Orbit cannon or LOIC for short is by far one of the most famous DDOS tool even. Anonymous used this tool to exploit take down major targets such as payoneer. 

But what's so amazing about this tool as this tool is nearly unstoppable if it's being used by a massive number of audience to target a single website. It performs a DDOS attack by continuously sending a HTTP request. But what's more important to note about this tool is that in 2011, there were about 381,976 downloads. However this download amount has been already surpassed 2 months before in 2012

Image Credit: Imperva

RHA's Predictions For The Year 2012
  • In 2012, The DDOS attacks will be completely moved towards layer 7. 
  • LOIC would be the favorite tool for the year 2012.
  • Tools similar to Apache Killer may be expected. 
  • SSL DDOS attacks would be increased by a huge extent and more user friendly tools would be introduced. 

3 comments:

  1. hi ... Rafay! I want discuss my problem to .. is that i have locked my profile and pics too in facebook account.. but my friend told me that your enemy is watching your profile as well as you pics... i m getting to much panic. could you post about this article that how this thing is working and how i have to escape with them...

    ReplyDelete
  2. Nice one but I saw some shell Scripts that also contains DDOS Tools as their part but I Don't know exactly it's working or not

    #Regards
    #M.Gazzaly
    #(gazzaly.info)

    ReplyDelete
  3. Love to Read Your Articles :) May Allah Bless your Brother!!!!!
    www.myhackingtips.com

    ReplyDelete

© 2016 All Rights Reserved by RHA Info Sec. Top

Contact Form

Name

Email *

Message *

Powered by Blogger.