Opinions on LOIC

General technological topics without their own forum go here

Re: Opinions on LOIC

Post by VPR3 on Wed Jul 13, 2011 6:40 pm
([msg=59743]see Re: Opinions on LOIC[/msg])

capflyboy wrote:How does an ICMP flood work though?
I know it sends fragments of an IP and makes it impossible for the host to respond to legit packets/requests... right?


That's one type of ICMP flood. Fragmented packets forces the receiving OS to restructure the data when it arrives. Once the OS figures there not the right size, it crashes. Ping of death is basically causing a buffer over-flow with oversize ICMP messages that causes it to crash.
Last edited by VPR3 on Wed Jul 13, 2011 7:07 pm, edited 1 time in total.
VPR3
Poster
Poster
 
Posts: 161
Joined: Fri Apr 22, 2011 11:35 am
Blog: View Blog (0)


Re: Opinions on LOIC

Post by sanddbox on Wed Jul 13, 2011 11:10 pm
([msg=59749]see Re: Opinions on LOIC[/msg])

Serious mode:

capflyboy wrote:What would be a good place to learn and understand how it works?

I dont think it's wrong to use these programs.
As long as you know whats happening, and whats behind that button you're pushing.
I dont see anything wrong with that.


The fact that your understanding of something as simple as DoSing is lacking so much is what's wrong with that. In case you're wondering, LOIC doesn't spoof your IP Address so anyone you DoS will have your real IP address.

Anyway, on DoSing:

The 'Ping of Death' you are referring to refers to an old exploit where you could trick a computer into perpetually pinging itself (by setting the source and destination of the address to the target computer), so that each time you pinged the computer the pings would stay there, bouncing back and forth in your computer pretty much forever. Eventually (and quickly), you would reach a point where the pings would eat up the computer's bandwidth.

SYN flooding works by beginning tons of connections on a machine but not replying the server's SYN-ACK with an ACK of your own, thereby utilizing resources for half-alive connections (if the server allocates them).

An ICMP flood is extremely simple (although your explanation is completely wrong) - a target machine is simply flooded with packets until it either runs out of bandwidth or its packet response consumes enough CPU time to sufficiently disable the target machine.
Image

HTS User Composition:
95% Male
4.98% Female
.01% Monica
.01% Goat
User avatar
sanddbox
Expert
Expert
 
Posts: 2344
Joined: Sat Jul 04, 2009 5:20 pm
Blog: View Blog (0)


Re: Opinions on LOIC

Post by sodapop101 on Wed Jul 27, 2011 6:36 am
([msg=60178]see Re: Opinions on LOIC[/msg])

capflyboy wrote:I've heard good and bad about LOIC.
What are your opinions?
I saw a post from a ways back asking for help in the New Zealand DDoS attacks.
They had a link and everything to the anonomyous IRC for operation payback...
They linked to sourceforge so people could help wit the DDoS.
I figure if it's in large numbers of people attacking and you're using an IP hiding software.
You're good.
But if you're planning on one alone, you'd have to be retarded or using some crazy home crafted junk.... :lol:


Well, for one, you can't hide your IP with it.

And second, I've heard it's not a very safe program to use.
sodapop101
New User
New User
 
Posts: 42
Joined: Thu May 26, 2011 9:10 am
Blog: View Blog (0)


Re: Opinions on LOIC

Post by acevic on Sat Jul 30, 2011 9:04 am
([msg=60342]see Re: Opinions on LOIC[/msg])

capflyboy wrote:I've heard good and bad about LOIC.<br>What are your opinions?<br>I saw a post from a ways back asking for help in the New Zealand DDoS attacks.<br>They had a link and everything to the anonomyous IRC for operation payback...<br>They linked to sourceforge so people could help wit the DDoS.<br>I figure if it's in large numbers of people attacking and you're using an IP hiding software.<br>You're good.<br>But if you're planning on one alone, you'd have to be retarded or using some crazy home crafted junk.... :lol:


IMHO LOIC is a good tool for learning about DDOS attacks and pentesting. It is intentionally made not to spoof your IP to make sure the "uber-intelligent h4x0r5" don't do any damage and get away with it. If you do intend to use it, make sure it's on your own system or a system you are authorized to use it on.
My crime is that of outsmarting you, something that you will never forgive me
for.
User avatar
acevic
Poster
Poster
 
Posts: 328
Joined: Mon May 16, 2011 10:12 pm
Location: Siberia
Blog: View Blog (0)


Previous

Return to General

Who is online

Users browsing this forum: No registered users and 0 guests