<div dir="ltr"><img width="0" height="0" class="mailtrack-img" alt="" style="display:flex" src="https://mailtrack.io/trace/mail/112fe13caaaf923d1929d51871575f85545eb9a9.png?u=1834443"><div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">The resource is great. <br><br>DDoS attacks are also an art. <br>There are many tools but I've only used hping3 till now for testing purposes. </div></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">The Metasploit framework in Kali has a long list of types, just run "/usr/share/metasplot-framework/auxiliary/dos" followed by "ls -l" & it will list down different types of attacks.<br><br>One might find great resources in <a href="https://www.exploit-db.com/">https://www.exploit-db.com/</a> too.</div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">Others I've come across in research are:<br><br></div><div class="gmail_default"><div class="gmail_default"><font face="tahoma, sans-serif">LOIC: The Low Orbit Ion Cannon (LOIC) was used by Anonymous in the Operation Payback attack against PayPal, Visa, and MasterCard in retaliation for cutting off WikiLeaks donations. This tool is Windows-based and almost as easy as pointing and clicking.</font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">HOIC: HOIC uses an HTTP flood using booster files that enable a small number of users to effectively DoS a website by sending a flood of randomized HTTP GET and POST requests. It is capable of simultaneously DoSing up to 256 domains. You can download it from SourceForge.</font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">XOIC: The user simply needs to set the IP address and port of the target, select a protocol (HTTP, UDP, ICMP, or TCP), then begin to fire.</font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">HULK: Another tool capable of bringing down web servers. This tool uses various obfuscation techniques to limit the ability of the target to mitigate the attack.</font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">UDP Flooder: does just as you would expect—it sends a flood of UDP packets to the target. It has been effectively used to knock gamers off their networks (online games primarily use UDP).</font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">RUDY: RUDY takes a different approach to DoSing websites. It enables the user to select a form from the web app and then use that form to send a flood of POST requests. You can download it from Hybrid Security.</font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">ToR's Hammer: Was designed to be run through the ToR network to anonymize the attack and limit mitigation. The problem with this strategy is that the ToR network tends to be very slow, thereby limiting the rate at which the packets can be sent and thereby limiting the effectiveness of this tool.</font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">Pyloris: Another DoS tool, but with still a different strategy. It allows the user to construct their own, unique HTTP request headers. It then attempts to keep open these TCP connections as long as possible in order to exhaust the connection queue. When it does this, no legitimate connections can be made and new attempts to connect by other users will be dropped. </font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">OWASP Switchblade: D the Switchblade DoS tool to be used to test the resiliency of a web app to DoS attempts. It has three modes, 1. SSL Half-Open, 2. HTTP Post, and 3. Slowloris.</font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">DAVOSET: Written in Perl, that uses zombie systems to distribute the attack across multiple systems. This tool uses Abuse of Functionality and XML External Entities vulnerabilities on other sites to "zombie" them and attacks the target site. Includes over 160 zombie services. </font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">GoldenEye HTTP DoS Tool: GoldenEye is simple DoS tool that loads an HTTP server attempting to exhaust its resource pool. It's great for testing your website, but not really effective in the real world as most perimeter defenses will detect it. </font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">THC-SSL-DOS: This DDoS tool (built right into Kali) is different from most DoS tools in that it doesn't require huge amounts of bandwidth and can be conducted with a single system. It attacks vulnerabilities in SSL to bring down the server.</font></div><div class="gmail_default"><font face="tahoma, sans-serif"><br></font></div><div class="gmail_default"><font face="tahoma, sans-serif">DDOSIM - Layer 7 DDoS Simulator: This tool from Storm Security simulates a DDoS attack from various zombies with random IP addresses. It attempts to create a full TCP connection (SYN-SYN/ACK-ACK). As the name implies, it operates at the application layer (layer 7). It is also capable of simulating a DDoS attack upon the SMTP server and a TCP flood at random ports.</font></div><div style="font-family:tahoma,sans-serif;font-size:small"><br></div><div style="font-family:tahoma,sans-serif;font-size:small">Another Resource: <a href="https://www.techrepublic.com/article/ddos-attacks-increased-91-in-2017-thanks-to-iot/">https://www.techrepublic.com/article/ddos-attacks-increased-91-in-2017-thanks-to-iot/</a><br><br>Feel free to correct!</div><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><br></div><br><br><br><div class="mt-signature">
<a href="https://mailtrack.io/" class="mt-signature-logo" style="text-decoration:none"><img src="https://s3-eu-west-1.amazonaws.com/mailtrack-crx/icon-signature.png" height="14"></a>
<font style="color:#999">Sent with <a href="https://chrome.google.com/webstore/detail/mailtrack-for-gmail-inbox/ndnaehgpjlnokgebbaldlmgkapkpjkkb?utm_source=gmail&utm_medium=signature&utm_campaign=signaturevirality" class="mt-install">Mailtrack</a></font>
</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Jan 26, 2018 at 9:41 AM, Jan Schaumann <span dir="ltr"><<a href="mailto:jschauma@stevens.edu" target="_blank">jschauma@stevens.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">Divyendra Patil <<a href="mailto:dpatil3@stevens.edu">dpatil3@stevens.edu</a>> wrote:<br>
><br>
> How does a SysAdmin face a DDoS attack on a system he is monitoring/looking over.<br>
<br>
</span>On the topic of DDoS attacks, I just came across this link, which<br>
describes the different types well:<br>
<br>
<a href="https://www.incapsula.com/blog/security-glossary-top-12-ddos-attack-types-need-know.html" rel="noreferrer" target="_blank">https://www.incapsula.com/<wbr>blog/security-glossary-top-12-<wbr>ddos-attack-types-need-know.<wbr>html</a><br>
<div class="HOEnZb"><div class="h5"><br>
-Jan<br>
______________________________<wbr>_________________<br>
cs615asa mailing list<br>
<a href="mailto:cs615asa@lists.stevens.edu">cs615asa@lists.stevens.edu</a><br>
<a href="https://lists.stevens.edu/mailman/listinfo/cs615asa" rel="noreferrer" target="_blank">https://lists.stevens.edu/<wbr>mailman/listinfo/cs615asa</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><font face="tahoma, sans-serif" size="2">Thank You.<br>Divyendra Patil.</font></div><div dir="ltr"><font face="tahoma, sans-serif" size="2"><div style="display:inline">MS </div><div style="display:inline">Cyber Security<br><a href="https://github.com/DivyendraPatil/MS-Cyber-Security-Solutions/tree/master/CS%20615%20-%20System%20Administration/dpatil3-notes" target="_blank">Github 615A</a></div></font></div></div><div dir="ltr"><div style="display:inline"><a href="http://divyendra.com" target="_blank"><font face="tahoma, sans-serif" size="2">http://divyendra.com</font></a></div></div></div></div></div></div></div></div></div></div>
</div>