DOS Attack Types And Tools

Denial of service (DOS) attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols.


Teardrop attack

is type of attack where fragmented packets are forged to overlap each other when the receiving host tries to reassemble them.


Ping of death:

type of DoS attack in which the attacker sends a ping request that is larger than 65,536 bytes, which is the maximum size that IP allows. While a ping larger than 65,536 bytes is too large to fit in one packet that can be transmitted, TCP/IP allows a packet to be fragmented, essentially splitting the packet into smaller segments that are eventually reassembled. Attacks took advantage of this flaw by fragmenting packets that when received would total more than the allowed number of bytes and would effectively cause a buffer overload on the operating system at the receiving end, crashing the system. Ping of death attacks are rare today as most operating systems have been fixed to prevent this type of attack from occurring.


DDOS Attack:

A distributed denial of service attack (DDoS) occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. This is the result of multiple compromised systems (for example a botnet) flooding the targeted system(s) with traffic. When a server is overloaded with connections, new connections can no longer be accepted.


Peer to Peer Attack:

Attackers have found a way to exploit a number of bugs in peer-to-peer servers to initiate DDoS attacks. Peer-to-peer attacks are different from regular botnet-based attacks. With peer-to-peer there is no botnet and the attacker does not have to communicate with the clients it subverts. Instead, the attacker acts as a “puppet master,” instructing clients of large peer-to-peer file sharing hubs to disconnect from their peer-to-peer network and to connect to the victim’s website instead. As a result, several thousand computers may aggressively try to connect to a target website. While peer-to-peer attacks are easy to identify with signatures, the large number of IP addresses that need to be blocked (often over 250,000 during the course of a large-scale attack) means that this type of attack can overwhelm mitigation defenses.

For all known DOS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks.

Top 10 Dos Attack Tools

1. LOIC (Low Orbit Ion Canon)
This tool was used by the popular hackers group Anonymous. This tool is really easy to use, even for a beginner. This tool performs a DOS attack by sending UDP, TCP, or HTTP requests to the victim server. You only need to know the URL of IP address of the server and the tool will do the rest.

2. HOIC: High Orbit Ion Canon HOIC
HIgh Orbit Ion Canon HOIC is Anonymous DDOS Tool. HOIC is an Windows executable file

High-speed multi-threaded HTTP Flood

– Simultaenously flood up to 256 websites at once
– Built in scripting system to allow the deployment of ‘boosters’, scripts
designed to thwart DDoS counter measures and increase DoS output.
– Easy to use interface
– C an be ported over to Linux/Mac with a few bug fixes (I do not have
either systems so I do
– Ability to select the number of threads in an ongoing attack
– Ability to throttle attacks individually with three settings: LOW, MEDIUM,
and HIGH –


XOIC is another nice DOS attacking tool. It performs a DOS attack an any server with an IP address, a user-selected port, and a user-selected protocol.

XOIC have 3 modes:
-Test Mode
-Normal DoS attack mode (No request counter and TCP HTTP UDP ICMP message because of performance )
-DoS attack with a TCP/HTTP/UDP/ICMP Message

4. Tor Hammer
Tor’s Hammer is a slow post dos testing tool written in Python. It can also be run through the Tor network to be anonymized. If you are going to run it with Tor it assumes you are running Tor on Kills most unprotected web servers running Apache and IIS via a single instance. Kills Apache 1.X and older IIS with ~128 threads, newer IIS and Apache 2.X with ~256 threads.

5. Anonymous-DoS
Anonymous-DoS is a http flood program written in hta and javascript, designed
to be lightweight, portable, possible to be uploaded to websites whilst still
having a client version, and made for Anonymous ddos attacks.

How does it work?
It will flood a chosen web server with HTTP connections, with enough it will
crash the server, resulting in a denial of service.

It is a tool for committing distributed denial of service attacks using execution on other sites.

7. PyLoris

PyLoris is a scriptable tool for testing a server’s vulnerability to connection exhaustion denial of service (DoS) attacks. PyLoris can utilize SOCKS proxies and SSL connections, and can target protocols such as HTTP, FTP, SMTP, IMAP, and Telnet.

8. Dereil
Dereil is professional (DDoS) Tools with modern patterns for attack via tcp , udp and http protocols . In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users.

9. Moihack Port-Flooder
This is a simple Port Flooder written in Python 3.2 Use this tool to quickly stress test your network devices and measure your router’s or server’s load. Features are available in features section below. Moihack DoS Attack Tool was the name of the 1st version of the program. Moihack Port-Flooder is the Reloaded Version of the program with major code rewrite and changes.

DDOSIM simulates several zombie hosts (having random IP addresses) which create full TCP connections to the target server. After completing the connection, DDOSIM starts the conversation with the listening application (e.g. HTTP server).


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s