So, a few days ago we had a lecture about Distributed Denial of Service attacks (DDoS). Basically, an attack of this sort works out in such a manner that it sends large amounts of data from many different nodes (computers etc.) to one source, like a webserver, to make it crash when it can`t process all the traffic it is being sent. Often these attacks are being made be botnets containing a large amount of computers infected with malware. But these attacks can also be performed by one person sitting on one computer. If you want to mess with a friend whose IP address you know, you can easily mess up his internet connection to the outside world.
For an example, have a look at one tool being installed and used with the Kali Linux distro. By entering a few simple command lines you are able to run an attack that will take down a website. And probably every website on the same server.
Recently (or, like in 2016) there was a massive DDoS attack on the servers of the company DYN that is hosting sites such as Twitter, Netflix, CNN and more. It was the largest one by far in history, more than twice as big as the last one. What made it so large was due to the fact it used insecure IoT-devices, estimated more than 100,000 of them.
So, there are many ways to perform an attack. But one thing I want to pursue is an idea that came to mind, but which I dont know if will work – or is even possible. The general idea is that in order to perform a high-scale DDoS-attack you need to have 100,000 computers or so sending packets to a certain source. And making all these machines keep doing it as long as possible. But, what if there was another way?
The idea that I am having, is that you would spoof the IP-address of the victim you wish to attack. And then you would send ping-packets to a large amount of known devices (computers, IoT`s, servers) and they would of course send this traffic back to you – or in this case, the victim. The pros in this is of course that you dont need to infect thousands of victims with malware to have them sending packets to the victim. But there are some issues, first of all – in order to make my “slaves” send 1000 packets, would my lone computer need to also send out 1000 packets? Is there a way to send one packet and then the slave sends 100 back and forth? Lastly, perhaps there is a way to delay the packet transfer/response? So that I can spend 24 hours sending a million packets, and all of them responding to the victim at the same time?
If I solve the issues with this, I am sure a simple Python script might do the trick. And you just might have the most powerful DDoS-tool in the world 🙂
NOTE: If you want to try and test this our yourself, please remember it is illegal! You need permission from the owner of the website and server in order to launch such an attack, and in some cases you would also need approval from you ISP.