Denial of Service: Attacking Availability
A Denial of Service attack is simple and effective against any opponent providing an online service. The activist group Anonymous made recent headlines with its coordinated DoS attack against Sony. Recall from the Cyber Attack discussion how a Denial of Service Attack works. Your target is the opposing team's web server and you will use the Low Orbit Ion Cannon tool to carry out your attack against it.
- Open your opponents' web page in a browser (www.blue.net or www.gold.net).
- Verify your opponent's Web server by using the
nslookup command. In a terminal, enter the following:
nslookup www.gold.net 188.8.131.52 for the blue team
nslookup www.blue.net 184.108.40.206 for the gold team
- Time to take the other team's web server down. Launch Low Orbit Ion Cannon by executing
loic in a terminal window. That command will start the program and its graphic interface will appear. Use your knowledge of networking and the diagram below as a guide to set the parameters prior to launching your team's attack.
- Enter the IP address of your opponents' web
server. Click 'Lock on'.
- Enter the port number used by web.
- Select the protocol used by web.
- Enter 250 for the number of threads, or whatever number is directed by your instructor.
Stop and wait until your team leader directs you to continue.
- When your instructor directs you, click the button labeled "IMMA CHARGIN MAH LAZER" (indicated by the green arrow) to start the DoS attack. In an instant, your entire team is flooding your opponent's web server with bogus packets. The target system will be so busy processing those bogus packets that it will not process valid packets in a timely manner; therefore, any legitimate attempts to load a web page will be significantly slowed or prevented entirely. You are now party to a distributed denial of service (DDoS) attack!
- Now, attempt to use your opponents' web server by reloading their web page (CTRL-R). It should simply timeout and be unavailable.
- When directed to stop your attack, close the Low Orbit Ion Cannon program to stop the DDoS attack and wait for further instructions.
Stop and wait until your instructor directs you to continue.