DDoS’ing – The Different Types

A typical DDoS tool.

DDOS – Distributed Denial of Service Attack.

This is as horrible as the name sounds. A DDoS, when performed, will literally take things down if you have some heavy hardware to attack. DDoSing basically means sending a large amount of packets and requests to a machine, more than it is able to handle and thus cause it to stop functioning. While Facebook and NASA are certain that their websites are secure, DDoSing is one thing they will take a legal action against almost immediately (NASA is famous for carrying DDoS investigations). DDoSing may sound as simple as causing a machine to stop, but it can be a no. of ways this process can be carried out.

1. Botnet attack

A botnet means a network of bots (infected computers) connected with each other and obeying their hidden botherder (hacker or the master controlling the network). While making a botnet can be as simple as spreading a keylogger, if used effectively and if the bots consist of a good connection, this attack can be powerful enough than what is expected. People who run botnets first infect thousands of computers, and then use them to ping a website/host at the same time causing it to malfunction and shutdown. Bots do not know about what their PC is being used for in this case.

2. Flood

Flooding means using a very expensive and capable server to send large attacks (over 5-10gbps) to machines that are to be taken down by either sending invalid packets, making half-open connections, and mass-pinging. Only a single server is enough in this case and this is the most used method today. People that run booters (ddosers) will most probably use a single server with a big bandwidth cap to attack people.

3. RUDY

RUDY stands for “Are you dead yet?” in the simple terms and this attack will most likely not be performed for a legal cause. The whole purpose of this attack is to trace out the forms from a given URL and flood it with invalid requests. This will most likely consist of a configuration file. RUDY attacks support proxies such as SOCKS5.
Homepage: https://code.google.com/p/r-u-dead-yet/

4. SSYN Flood

This requires the sending of TCP/SYN packets to a host machine with a forged sender address, so when it has to reply back with the ACK ( Acknowledgement) packet, it is unable to perform the action due to the forged sender address which does not exist. The connections become half-open and the packets keep on saturating ultimately shutting down the system.

5. UDP/UDPLag

This is the most used attack in case of games. People can and will want their opposition team to lag a lot, also known as bitchlagging. When they will lag, we will win. This is what attracts gamers to perform such attacks. While the UDP attack will use the UDP protocol (also used by uTorrent) to flood a host with requests and shut it down, UDPLAG will try to saturate a certain amount of packets over time so that the host does not actually shutdown but experiences enough lag to quit the game himself.
———————————————-
DDoSing can be both for a cause or for fun, but please do not make illegal use of it. Attacking bank gateways and facebook is only going to bring you trouble. Also do not always expect the host to shutdown. If the host has a good upper-level DDoS protection, the firewall will block you and not accept any packets from your side, nullifying your attack.