With using Control+F you can navigate easily trough the thread Sections
DoS/DDoS
What is DDoS actually?
Is it illegal? Will I get easily caught?
How to DDoS?
Spoofing
How to prevent a DDoS Attack?
DDoS Ampflication.
Layer 4 and Layer 7
Scripts.
Websites that allows spoofing.
DoS/DDoS
DoS (Denial of Service)
DDoS (Distributed Denial Of Serivce)
They both have a large difference, DoS is sending from one location, and DDoS is sending from multiple locations.
What is DDos actually?
DDoS is basicly sending out packets, and preventing the usert from connecting to the destination.
Basicly the user is trying to connect 1.1.1.1, And the attacker is sending packets to 1.1.1.1 to prevent the user from connecting.
When the host isnt being ddosed :
User > Testing Connection > 1.1.1.1 > Succesfully connected.
When a DDoS attack is active :
User > Testing Connection > Connection failed > Timeout on 1.1.1.1
Is it illegal? Will I get easily caught?
In some ways, DDoS is legal, but mostly DDoS is illegal, DDoS is also called Stress-testing, that means you are testing your server, to see If your server can handle a large amount of bandwith in.
But DDoS is mostly illegal, and for illegal purposes used, like attacking homeconnections without permission.
Is it easy to get caught? No, depends on where you are sending the attack from, you can hide your location with a VPN (Virtual Private Network).
How to DDoS/DoS
A denial of service attack is basicly sending out packets from your location to a destination, to prevent a user connecting to the destination.
You can DoS simply with using Control+R and type in CMD.exe, then type something like ping (host), this is basicly pinging the destination.
Pinging wont do much, So you can buy a server and send packets from that, that will make you getting caught a lower chance, most hosts doesnt allow DDoS attacks, and will simply cancel your dedicated server/VPS.
You need a host that allows spoofing, So your destination doesnt know wher e to send the abuse report to, this will prevent you from getting your server canceled Not all hosts allow spoofing
Spoofing
What is spoofing you ask? Spoofing is basicly hiding your host so the destination doesnt know, where the packets come from, Here is how spoofing looks like :
How to prevent DDoS attacks?
Preventing DDoS attacks, isnt that simple you think it is, There are alot of different ways to stop DDoS attacks, You can ask for DDoS Protection by your host, or you can get migation, migation is basicly spreading all the packets to a set of servers so your main server doesnt get too much packets in, a reverse proxy can be used also.
How to block XMLRPC attacks?
Simply block the Wordpress Useragent, and make them redirect to a blank page.
DDoS Ampflication
What is DDoS ampflication you ask? Well its basicly a ampflication of your DDoS attacks, there are alot of different methods to use for ampflication attacks, You double your DDoS attacks using a ampflication method.
Here is a list of different amp (ampflication) methods :
NTP
SNMP
MSSQL
DNS
SSDP
tFTP
Chargen
OVH
NETBIOS
QUAKE
Layer 4 and Layer 7
What is the difference about Layer 4 and Layer7 you ask?
Layer 4 is basicly sending out data/packets.
Layer 7 is sending out fake users, to a webserver.
List of Layer 4 and Layer 7 methods.
Layer 4
NTP
SNMP
MSSQL
DNS
SSDP
tFTP
Chargen
OVH
NETBIOS
QUAKE
UDP
TCP
Layer 7
ARME
GET
HEAD
POST
Rand
RUDY
XMLRPC
Goldeneye
Pyloris
Scripts
Well, you need scripts also before DDoSing, so here is a thread where a large amount of scripts got posted
-->[Please login or register to view this link]
Compile using chmod 777 (file)
Scanning and Filtering.
Scanning and filtering, is really important for your ampflication methods.
Scanning is basicly searching around the world, for IPs that your ampflication method can use, to double the attack amount.
How do you filter you ask me?
Here are some filter scripts, made by QuezzStresser.
[Please login or register to view this link]
[Please login or register to view this link]
[Please login or register to view this link]
[Please login or register to view this link]
Use them with installing PHP.
Filtering is testing the timeout on the IPs you scanned, the lower the timeout the higher your amp rate is.
Websites that allow spoofing.
[Please login or register to view this link]
[Please login or register to view this link]
[Please login or register to view this link] | Layer 7 only.
use OVH for scanning.
Did you like my tutorial thread? Please leave a thanks
Did you like my tutorial thread? Please leave a thanks,
Credits to the owner of this thread
