The Philippine Discussions Community Website 

COVID-19: Stay Home!


Get the latest information from the PHD about COVID-19. DOH: https://www.doh.gov.ph/2019-nCoV and WHO Tracker: https://who.sprinklr.com/
Topic Reactions
Topic Contributors
  • User avatar
 #393  by PhilDiscuss
 
Low Orbit Ion Cannon (LOIC) is a widely available, open-source application developed by Praetox Technologies used for network stress testing, as well as denial of service (DoS) and distributed denial of service (DDoS) attacks. JS LOIC—a JavaScript version of the application—and the web-based Low Orbit Web Cannon have also been released.

DDoS perpetrators use LOIC to flood target systems with junk TCP, UDP and HTTP GET requests. However, a single LOIC user is unable to generate enough requests to significantly impact a target. For an attack to succeed, thousands of users must coordinate and simultaneously direct traffic to the same network.

LOIC has been used in a number of high profile DDoS attacks, including:
  • Project Chanology – Launched in 2008, this campaign targeted the Church of Scientology for issuing a copyright violation against YouTube in an effort to have one of its videos removed.
  • Operation Payback – This widespread 2010 campaign targeted anti-piracy organizations, Visa, MasterCard, PayPal, Sony and the PlayStation network.
The LOIC version used in the above attacks contained a so-called HIVEMIND mode. It used internet relay chat servers to hijack junk traffic generated by users, thereby enabling individual perpetrators to create a botnet and stage attacks without prior coordination.

Attack description
To use LOIC, a perpetrator simply launches the application, enters a target URL or IP and then designates whether to launch a TCP, UDP or HTTP flood. The TCP and UDP modes send message strings and packets to select ports on the target, while the HTTP flood mode sends an endless volley of GET requests.

Once launched, LOIC opens multiple connection requests for a target server. It then sends a continuous series of messages until the server becomes overloaded and can’t respond to legitimate requests.

Image
LOIC’s widespread availability means perpetrators are easily able to recruit fellow users to stage a coordinated assault. Additionally, its ease of use lets anyone, regardless of knowledge or experience, to execute potentially severe DDoS attacks.

That being said, LOIC users are unable to route attack traffic through proxies. As a result their IP addresses are completely visible to a target, making them easy to trace.

Methods of mitigation
Small-scale LOIC attacks can be detected and blocked through basic network traffic monitors and firewalls. However, such defenses can be overpowered by a coordinated attack that can only be mitigated by a dedicated security solution.
 #394  by PhilDiscuss
 
Download:
Last Update: 2014-12-13

Low Orbit Ion Cannon.
The project just keeps and maintenances (bug fixing) the code written by the original author - Praetox, but is not associated or related with it.

DISCLAIMER: USE ON YOUR OWN RISK. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER OR CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES.

Features
  • Security
  • Stress Testing