Tools for Executing DoS Attacks

Previous page
Table of content
Next page
 < Day Day Up > 

Hundreds of tools are available to execute DoS attacks. The sections that follow examine three of the most popular tools:

  • Datapool

  • Hgod

  • Jolt2

Datapool

Spendor Datapool (http://www.packetstormsecurity.org) is a DoS tool that runs on Linux. At press time, Datapool 3 supported more than 100 different DoS attacks. Datapool requires that Fyodor's NMap (http://www.insecure.org) utility be installed in either /usr/local/bin or /usr/bin. Install NMap first, and either place it into these directories or have a symbolic link pointing to it.

Datapool is intelligent enough to keep a database of the most successful attacks so that you can try them first. It uses the following key files:

  • cipgen.sh Script for generating the IP addresses in a subnet.

  • datamass.sh Script for attacking multiple hosts.

  • datapool.sh Script for attacking a single host.

  • datapool.fc File that holds information on various DoS attacks. Look in this file to find the keywords to reference attacks when you are executing the program.

  • datapool.db Database that records the addresses of all IP addresses that were susceptible to DoS attacks.

Executing the datapool.sh command gives you the output illustrated in Figure 15-6.

Figure 15-6. datapool.sh Output


At a minimum, you need to specify the destination target. The following is typical attack syntax for attacking a host at 192.168.10.10 with a spoofed source address of 192.168.10.9:

  #./datapool.sh -d 192.168.10.10 -p 1-1024 -v results.log -l T1 -I 192.168.10.9 -c -   t 100

The v switch records the results into a log file. The l switch specifies the speed which, in this example, is the T1 speed. You should adjust this according to your bandwidth. The c switch tells the program to continue its attempts until it successfully halts your target. Finally, the t switch tells the program how many simultaneous sessions to start. The more sessions you start, the greater your chances of success will be. However, starting many sessions is processor and memory intensive.

Jolt2

Jolt2 is available on both Linux and Windows operating systems. It is an easy program to use because it does not provide many options. (See Figure 15-7.) Like many other DoS utilities, it allows you to spoof the source.

Figure 15-7. Jolt2


At its most basic use, type in the target IP address and the spoofed source address to launch a DoS attack, as demonstrated in Figure 15-8.

Figure 15-8. Jolt2 Syntax


Hgod

Hgod is another tool that runs on Windows XP. Like Jolt2 and Datapool, it allows you to spoof your source IP address. With it, you can specify both protocol (TCP/UDP/ICMP/IGMP) and port number (for UDP). Although Hgod supports other attacks, the default DoS attack is TCP SYN flooding. Figure 15-9 shows the available options for Hgod.

Figure 15-9. Hgod


To launch a SYN flood attack against 192.168.10.10 on port 80 with a spoofed address of 192.168.10.9, type the following:

  hgod 192.168.10.10 80 -s 192.168.10.9

Other Tools

There are many more DoS utilities beyond those mentioned in this chapter. You can find many excellent utilities and scripts at http://www.antiserver.it/Denial-Of-Service/index.html.

     < Day Day Up > 

    Previous page
    Table of content
    Next page
    Penetration Testing and Network Defense
    Penetration Testing and Network Defense
    ISBN: 1587052083
    EAN: 2147483647
    Year: 2005
    Pages: 209
    Authors: Andrew Whitaker, Daniel Newman
    BUY ON AMAZON
    Java I/O
    Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
    Adobe After Effects 7.0 Studio Techniques
    PostgreSQL(c) The comprehensive guide to building, programming, and administering PostgreSQL databases
    Mastering Delphi 7
    Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy