Wednesday, 20 July 2016
What is denial of service attack?
Denial of service (DOS)
In computing, a denial-of-service (DoS) attack
is an attempt to make a machine or network resource unavailable to its
intended users, such as to temporarily or indefinitely interrupt or
suspend services of a host connected to the Internet.
Simple DoS attack is performed from single computer where attacker fluds request over network to a specific server by means of various protocols. a simple DoS attck would consist of thousands of ping requests which will overflow the buffers of servers or target leading it to crash or bluescreen errors.
Types:
Volume Based AttacksIncludes
UDP floods, ICMP floods, and other spoofed-packet floods. The attack’s
goal is to saturate the bandwidth of the attacked site, and magnitude is
measured in bits per second (Bps).
Protocol AttacksIncludes
SYN floods, fragmented packet attacks, Ping of Death, Smurf DDoS and
more. This type of attack consumes actual server resources, or those of
intermediate communication equipment, such as firewalls and load
balancers, and is measured in Packets per second.
Application Layer AttacksIncludes
low-and-slow attacks, GET/POST floods, attacks that target Apache,
Windows or OpenBSD vulnerabilities and more. Comprised of seemingly
legitimate and innocent requests, the goal of these attacks is to crash
the web server, and the magnitude is measured in Requests per second.
Tools:
1. LOIC (Low Orbit Ion Canon)
LOIC is one of the most popular DOS attacking tools freely available on the Internet. This tool was used by the popular hackers group Anonymous against many big companies’ networks last year. Anonymous has not only used the tool, but also requested Internet users to join their DDOS attack via IRC.
It can be used simply by a single user to perform a DOS attack on small servers. This tool is really easy to use, even for a beginner. This tool performs a DOS attack by sending UDP, TCP, or HTTP requests to the victim server. You only need to know the URL of IP address of the server and the tool will do the rest.
You can see the snapshot of the tool above. Enter the URL or IP address and then select the attack parameters. If you are not sure, you can leave the defaults. When you are done with everything, click on the big button saying “IMMA CHARGIN MAH LAZER” and it will start attacking on the target server. In a few seconds, you will see that the website has stopped responding to your requests.
This tool also has a HIVEMIND mode. It lets attacker control remote
LOIC systems to perform a DDOS attack. This feature is used to control
all other computers in your zombie network. This tool can be used for
both DOS attacks and DDOS attacks against any website or server.
The most important thing you should know is that LOIC does nothing to hide your IP address. If you are planning to use LOIC to perform a DOS attack, think again. Using a proxy will not help you because it will hit the proxy server not the target server. So using this tool against a server can create a trouble for you.
Download LOIC here:
2. XOIC
XOIC is another nice DOS attacking tool. It performs a DOS attack an any server with an IP address, a user-selected port, and a user-selected protocol. Developers of XOIC claim that XOIC is more powerful than LOIC in many ways. Like LOIC, it comes with an easy-to-use GUI, so a beginner can easily use this tool to perform attacks on other websites or servers.
In general, the tool comes with three attacking modes. The first one,
known as test mode, is very basic. The second is normal DOS attack
mode. The last one is a DOS attack mode that comes with a
TCP/HTTP/UDP/ICMP Message.
It is an effective tool and can be used against small websites. Never try it against your own website. You may end up crashing your own website’s server.
Download XOIC: http://sourceforge.net/projects/xoic/
3. HULK (HTTP Unbearable Load King)
HULK is another nice DOS attacking tool that generates a unique request for each and every generated request to obfuscated traffic at a web server. This tool uses many other techniques to avoid attack detection via known patterns.
It has a list of known user agents to use randomly with requests. It also uses referrer forgery and it can bypass caching engines, thus it directly hits the server’s resource pool.
The developer of the tool tested it on an IIS 7 web server with 4 GB RAM. This tool brought the server down in under one minute.
Download HULK here: http://packetstormsecurity.com/files/112856/HULK-Http-Unbearable-Load-King.html
4. DDOSIM—Layer 7 DDOS Simulator
DDOSIM is another popular DOS attacking tool. As the name suggests, it is used to perform DDOS attacks by simulating several zombie hosts. All zombie hosts create full TCP connections to the target server.
This tool is written in C++ and runs on Linux systems.
These are main features of DDOSIM
Read more about this tool here: http://stormsecurity.wordpress.com/2009/03/03/application-layer-ddos-simulator/
5. R-U-Dead-Yet
R-U-Dead-Yet is a HTTP post DOS attack tool. For short, it is also known as RUDY. It performs a DOS attack with a long form field submission via the POST method. This tool comes with an interactive console menu. It detects forms on a given URL and lets users select which forms and fields should be used for a POST-based DOS attack.
Download RUDY: https://code.google.com/p/r-u-dead-yet/
6. Tor’s Hammer
Tor’s Hammer is another nice DOS testing tool. It is a slow post tool written in Python. This tool has an extra advantage: It can be run through a TOR network to be anonymous while performing the attack. It is an effective tool that can kill Apache or IIS servers in few seconds.
Download TOR’s Hammer here: http://packetstormsecurity.com/files/98831/
7. PyLoris
PyLoris is said to be a testing tool for servers. It can be used to perform DOS attacks on a service. This tool can utilize SOCKS proxies and SSL connections to perform a DOS attack on a server. It can target various protocols, including HTTP, FTP, SMTP, IMAP, and Telnet. The latest version of the tool comes with a simple and easy-to-use GUI. Unlike other traditional DOS attacking tools, this tool directly hits the service.
Download PyLoris: http://sourceforge.net/projects/pyloris/
8. OWASP DOS HTTP POST
It is another nice tool to perform DOS attacks. You can use this tool to check whether your web server is able to defend DOS attack or not. Not only for defense, it can also be used to perform DOS attacks against a website.
Download here: https://code.google.com/p/owasp-dos-http-post/
9. DAVOSET
DAVOSET is yet another nice tool for performing DDOS attacks. The latest version of the tool has added support for cookies along with many other features. You can download DAVOSET for free from Packetstormsecurity.
Download DavoSET: http://packetstormsecurity.com/files/123084/DAVOSET-1.1.3.html
10. GoldenEye HTTP Denial Of Service Tool
GoldenEye is also a simple but effective DOS attacking tool. It was developed in Python for testing DOS attacks, but people also use it as hacking tool.
Download GoldenEye: http://packetstormsecurity.com/files/120966/GoldenEye-HTTP-Denial-Of-Service-Tool.html
Tools:
1. LOIC (Low Orbit Ion Canon)
LOIC is one of the most popular DOS attacking tools freely available on the Internet. This tool was used by the popular hackers group Anonymous against many big companies’ networks last year. Anonymous has not only used the tool, but also requested Internet users to join their DDOS attack via IRC.
It can be used simply by a single user to perform a DOS attack on small servers. This tool is really easy to use, even for a beginner. This tool performs a DOS attack by sending UDP, TCP, or HTTP requests to the victim server. You only need to know the URL of IP address of the server and the tool will do the rest.
You can see the snapshot of the tool above. Enter the URL or IP address and then select the attack parameters. If you are not sure, you can leave the defaults. When you are done with everything, click on the big button saying “IMMA CHARGIN MAH LAZER” and it will start attacking on the target server. In a few seconds, you will see that the website has stopped responding to your requests.
The most important thing you should know is that LOIC does nothing to hide your IP address. If you are planning to use LOIC to perform a DOS attack, think again. Using a proxy will not help you because it will hit the proxy server not the target server. So using this tool against a server can create a trouble for you.
Download LOIC here:
2. XOIC
XOIC is another nice DOS attacking tool. It performs a DOS attack an any server with an IP address, a user-selected port, and a user-selected protocol. Developers of XOIC claim that XOIC is more powerful than LOIC in many ways. Like LOIC, it comes with an easy-to-use GUI, so a beginner can easily use this tool to perform attacks on other websites or servers.
It is an effective tool and can be used against small websites. Never try it against your own website. You may end up crashing your own website’s server.
Download XOIC: http://sourceforge.net/projects/xoic/
3. HULK (HTTP Unbearable Load King)
HULK is another nice DOS attacking tool that generates a unique request for each and every generated request to obfuscated traffic at a web server. This tool uses many other techniques to avoid attack detection via known patterns.
It has a list of known user agents to use randomly with requests. It also uses referrer forgery and it can bypass caching engines, thus it directly hits the server’s resource pool.
The developer of the tool tested it on an IIS 7 web server with 4 GB RAM. This tool brought the server down in under one minute.
Download HULK here: http://packetstormsecurity.com/files/112856/HULK-Http-Unbearable-Load-King.html
4. DDOSIM—Layer 7 DDOS Simulator
DDOSIM is another popular DOS attacking tool. As the name suggests, it is used to perform DDOS attacks by simulating several zombie hosts. All zombie hosts create full TCP connections to the target server.
This tool is written in C++ and runs on Linux systems.
These are main features of DDOSIM
- Simulates several zombies in attack
- Random IP addresses
- TCP-connection-based attacks
- Application-layer DDOS attacks
- HTTP DDoS with valid requests
- HTTP DDoS with invalid requests (similar to a DC++ attack)
- SMTP DDoS
- TCP connection flood on random port
Read more about this tool here: http://stormsecurity.wordpress.com/2009/03/03/application-layer-ddos-simulator/
5. R-U-Dead-Yet
R-U-Dead-Yet is a HTTP post DOS attack tool. For short, it is also known as RUDY. It performs a DOS attack with a long form field submission via the POST method. This tool comes with an interactive console menu. It detects forms on a given URL and lets users select which forms and fields should be used for a POST-based DOS attack.
Download RUDY: https://code.google.com/p/r-u-dead-yet/
6. Tor’s Hammer
Tor’s Hammer is another nice DOS testing tool. It is a slow post tool written in Python. This tool has an extra advantage: It can be run through a TOR network to be anonymous while performing the attack. It is an effective tool that can kill Apache or IIS servers in few seconds.
Download TOR’s Hammer here: http://packetstormsecurity.com/files/98831/
7. PyLoris
PyLoris is said to be a testing tool for servers. It can be used to perform DOS attacks on a service. This tool can utilize SOCKS proxies and SSL connections to perform a DOS attack on a server. It can target various protocols, including HTTP, FTP, SMTP, IMAP, and Telnet. The latest version of the tool comes with a simple and easy-to-use GUI. Unlike other traditional DOS attacking tools, this tool directly hits the service.
Download PyLoris: http://sourceforge.net/projects/pyloris/
8. OWASP DOS HTTP POST
It is another nice tool to perform DOS attacks. You can use this tool to check whether your web server is able to defend DOS attack or not. Not only for defense, it can also be used to perform DOS attacks against a website.
Download here: https://code.google.com/p/owasp-dos-http-post/
9. DAVOSET
DAVOSET is yet another nice tool for performing DDOS attacks. The latest version of the tool has added support for cookies along with many other features. You can download DAVOSET for free from Packetstormsecurity.
Download DavoSET: http://packetstormsecurity.com/files/123084/DAVOSET-1.1.3.html
10. GoldenEye HTTP Denial Of Service Tool
GoldenEye is also a simple but effective DOS attacking tool. It was developed in Python for testing DOS attacks, but people also use it as hacking tool.
Download GoldenEye: http://packetstormsecurity.com/files/120966/GoldenEye-HTTP-Denial-Of-Service-Tool.html
Sunday, 17 July 2016
How to install PROCESSING in ubuntu
Processing is an open source computer programming language and integrated development environment (IDE) built for the electronic arts, new media art, and visual design communities with the purpose of teaching the fundamentals of computer programming in a visual context, and to serve as the foundation for electronic sketchbooks.
If you are an electronics enthusiastic and deal with arduino this is for you.
I assume you have basic knowledge of linux, if not you can always head over to tutorialspoint. Make sure you know how to use sudo.
First, download Processing. On Ubuntu 12.04, the 64-bit architecture is appropriate. It downloads as a .tgz archive, typically into the Downloads folder in your Home folder. You can extract the archive by double-clicking in Ubuntu’s file system browser or extract it from the command line in a Terminal with
If Processing just ran out of the box, you could double-click and run the
Next, in your Processing directory, rename the
Now create a symbolic link (symlink) to Oracle 7 Java’s java binary:
At this point, you should be able to run Processing from the Terminal with ./processing. It works for me. YMMV, but I suspect that it should work in most cases.
source
If you are an electronics enthusiastic and deal with arduino this is for you.
I assume you have basic knowledge of linux, if not you can always head over to tutorialspoint. Make sure you know how to use sudo.
First, download Processing. On Ubuntu 12.04, the 64-bit architecture is appropriate. It downloads as a .tgz archive, typically into the Downloads folder in your Home folder. You can extract the archive by double-clicking in Ubuntu’s file system browser or extract it from the command line in a Terminal with
tar -xf processing-2.2.1-linux64.tgz. Once you have extracted the folder processing-2.2.1,
you’ll need to decide where to locate it. I created a new directory,
Developer, in my Home Folder, and moved Processing to it just by
dragging and dropping. You could also install Processing in the /opt/ folder, though this requires an admin account and use of the Terminal.If Processing just ran out of the box, you could double-click and run the
processing script in the processing-2.2.1 folder or point a Terminal to the folder and type ./processing
and hit return (the latter is the approach I recommend). That is
unlikely to work because of incompatibilities with the downloaded
version of Java in Processing and the default Java environment on
Ubuntu. You can resolve the incompatibilities in two steps: installing a
new version of Java and adjusting Processing’s directory structure.
After reading the supported platforms page in the Processing Wiki, I decided that it made the most sense to install Oracle Java 7.Installing Oracle Java 7
Information on issues with Java can be found in Ubuntu Help. Take a moment to read the section on Oracle Java 7. Because of licensing issues, Java has to be downloaded and installed from Oracle. Fortunately, there is a tool to simplify this process at webupd8.org. The documentation is clear and simple, and I leave you to it. Once you’ve installed Java, run the Java environment variables installer, too. FWIW, here is my command history for this process: java -versionsudo add-apt-repository ppa:webupd8team/javasudo apt-get updatesudo apt-get install oracle-java7-installer
java -version
sudo apt-get install oracle-java7-set-default
update-alternatives --display java
Adjustments to Processing
Once you have Oracle Java 7 installed and set as the default version of Java in Ubuntu, you’ll still need to modify Processing to use the newly installed version instead of its own. First, copy Processing’s fonts to the newly installed version of Java. You’ll have to change the command lines to reflect the directory structure for your particular installation of Processing. Oracle Java 7 directories should be the same.cd /usr/lib/jvm/java-7-oracle/jre
sudo cp -R '/home/ignotus_mago/Developer/processing-2.2.1/java/lib/fonts' libNext, in your Processing directory, rename the
java folder.cd '/home/ignotus_mago/Developer/processing-2.2.1'
mv java java_oldNow create a symbolic link (symlink) to Oracle 7 Java’s java binary:
ln -s /usr/lib/jvm/java-7-oracle/jre javaAt this point, you should be able to run Processing from the Terminal with ./processing. It works for me. YMMV, but I suspect that it should work in most cases.
source
Tags: arduino, processing, ubuntu, data visualization
Subscribe to:
Comments (Atom)