DDoS for n00bs

Okay, I admit I get a little annoyed when people talk like they know things (technically wise, in the field of IT), and that this is just another one of them.

Seems like so many little script kiddies are throwing the word “DDoS” around, usually using it as a means to threaten webmasters or whatnot.  A quick read of the Wikipedia page should show that they’re using the term quite wrongly.

No, running some PHP script on a shared hosting provider which continually requests a certain page from a server is NOT a DDoS attack.  Gawd.  At best, it’s a DoS attack (there’s no distributed component here), unless you’re running it from two servers (then I guess you could consider it distributed, although for all practical reasons, it isn’t much better).  Of course, being a shared hosting provider, they quickly find they reach the host’s limits, though there are plenty of shabby shared hosting providers which don’t properly limit people…

Anyway, for the n00bs out there who really do want to perform a “DDoS attack”, let me give you a simple example which is probably way more effective than your stupid direct attack.

  1. Look for an intensive page on your target website.  This may be difficult to identify, but use intuition here.  Pick a page which is generated by a script (eg PHP) that outputs a lot of data – that’s probably ideal.  If not possible, try a search results page (if it doesn’t require POST request methods), or whatever.  I don’t care, I’m not doing this attack.
  2. Register on some very popular forums that allow you to stick invalid images in your signature.
  3. Put the URL of the target page in your signature, something like this:
    [img]http://example.com/forums/attachment.php?aid=3[/img]
  4. Repeat for the various popular forums, and then make posts, mainly ones that are likely to be viewed by lots of people.
  5. You can also try various other sites which allow image embeds.

Any half arsed script kiddie should be able to figure out how this one works, so I’m not going to explain the intuition behind this.

Oh, and if you’re an admin, there’s no particularly *easy* way to get around this, unfortunately.  You can try hotlink protection, but that will break most inbound links to your website, or you can try fiddling with URLs (which can do the same thing), but ultimately, this “attack” causes traffic to your server to rise quite a lot without actually following the patterns of a typical DoS attack.

3 thoughts on “DDoS for n00bs

  1. Pirata Nervo

    Hey,

    Yeah I remember someone telling me he/she was going to do a DDoS to my website a while ago. I, of course, laughed because there would be no way in the world he/she could do a DDoS. (She/He didn’t even know what it was, she/he only knew the term but not what it was exactly..)

    Oh well, I’ll point this article to him/her next time he/she threatens me..

    1. ZiNgA BuRgA Post author

      Depends on your target and ability of the nodes you control.
      For large websites with multiple servers etc, it would take a lot more resources to take than than say, a small VPS.

Leave a Reply