Low Orbit Ion Cannon

From SI410
Revision as of 02:40, 21 February 2017 by Olindner (Talk | contribs)

Jump to: navigation, search
Low Orbit Ion Cannon (LOIC)
File:LOIC.png
File:LOIC.png
Caption text
Type Network Stress-Testing Software
Launch Date 2014
Status Active
Product Line HOIC
Platform Windows
Linux
Website www.sourceforge.com
L
ow Orbit Ion Cannon
(LOIC) is an acronym that stands for "Low Orbit Ion Cannon." Not to be confused with a NASA project or a physical weapon, LOIC is an online tool/website that anyone with an internet connection can utilize. The program is free to download and is not illegal to have on your machine in principle.[1] LOIC is used to automate your computer to make HTTP, UDP, or TCP requests to a website at a certain frequency - both determined by the user.[2] This tool also has potential to be used maliciously, and if coordinated with enough other user, can be utilized to DDoS a predetermined website.


The GUI

A guide[2] to the LOIC GUI:

  • "Manual Mode (for pussies)" - Select this mode to manually select target and settings.
  • "FUCKING HIVE MIND" - Select this mode to volunteer your computer to the hive mind, and allow it to select the target URL. Note this only allows control of the local LOIC client, and not the full machine.[3]
  • IRC (Internet Resource Chat) server - Location where all machines (possibly in botnet) connect to be controlled by server administrator.
  • Port - A electronic gate/path which information flows into or out of.[4] Defaults to port 80.
  1. "Select your target"
    • Url (Uniform Resource Locator) - The name (reference) of the website you want to target.[5]
    • IP - Numerical reference to a machine on a network (where DNS is not being used).[6]
  2. "Ready?"
    • IMMA CHARGIN MAH LAZER - Begin the HTTP/UDP/TCP bombardment of the specified address.
  3. "Attack options"
    • Allows selection of TCP/UDP message on request log (that can be used to troll), timeout value, number of threads, and other customizations.

DoS/DDoS

DoS is an acronym that stands for "Denial of Service," and is often classified as a cyber attack. When a user attempts to visit a website, www.google.com for example, they are making a request to that page for information (ask for information that is stored in Google's servers to be loaded on the user's browser). The concept behind DoSing is that malicious attackers can continually send these HTTP/UDP/TCP requests to a website, and overload the site's capability to process all of the requests. If the attacker is able to achieve a sufficient threshold of requests, the site may "shut down" and be unable to process requests made by any user. This is where the attack coins its name as once the site is down, users that attempt to access the site are denied service to that page. [7]

DDoS stands for "Distributed Denial of Service," and refers to a combined effort of multiple machines attempting to shut down (DoS) a site. This set of multiple machines can take the form of multiple users with individual machines, a single user with a bot-net (link/elaborate), or a combination of the two. By utilizing more than one machine, this gives the attacker(s) the ability to send more HTTP requests. The more machines, the more requests per minute, and the more likely the site will be successfully shut down. [8]

Defenses against DoSing/DDoSing:

  • ip filtering
  • tollgate

Anonymous

Link

Project Chanology and Operation Pay-back

(can only link to actual Wikipedia)

Ethical Implications

Pros

  • stress testing websites' abilities to handle large numbers of requests at a time
  • upholding First Amendment
  • uniting tech community/hackers

Cons

  • DDoSing a given website and "taking it down"
  • incentivizing creation of BotNets
  • anyone can use: don't understand gravity of actions

Terms

  • GUI - Graphical User Interface[9]
  • Hive Mind - The collective
  • Troll -

References

  1. https://sourceforge.net/projects/loic/
  2. 2.0 2.1 http://resources.infosecinstitute.com/loic-dos-attacking-tool/#gref
  3. https://en.wikipedia.org/wiki/Internet_Relay_Chat
  4. http://whatismyipaddress.com/port
  5. https://docs.oracle.com/javase/tutorial/networking/urls/definition.html
  6. https://en.wikipedia.org/wiki/IP_address
  7. https://www.us-cert.gov/ncas/tips/ST04-015
  8. http://www.digitalattackmap.com/understanding-ddos/
  9. https://techterms.com/definition/gui