Hacking and using DDOS

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

after reading the numerous stories in the past few months and people bringing down websites by using DDOS and being labelled as hackers it got me wondering about something.

I thought that people that is the sense were true hackers frowned upon using ddos as it is a very basic and childish way of doing something and really doesnt gain anything. I may be wrong but thought I would see your insights to what you think about this and using DDOS.

cheers

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

I wouldn't call a DDoS a hack necessarily, it's basically someone intitiating thousands of packets being sent to a server via several computers, it's not actually getting inside of their network, it's just causing a server to have so much data that it can't possibly respond, and that's why it times out.

DDoS, is a Distributed Denial of Service attack, i.e - multiple systems flood the bandwidth.

Denial-of-service attack - Wikipedia, the free encyclopedia has a good breakdown of DoS attacks and what the mean.

Actual hacking into systems, i.e what these lulzsec lot have done would be alot different to these, if what the media reports is correct (Them obtaining actual data)

Either way, anyone who does either hacking or ddos' have alot of knowledge, if they put it to good use i'm sure thye could make mega $$$ in an actual job, but 9/10 of them are social recluse's who rarely leave their house and have problems with the real world.

 

Apexes pretty much answered your question, but...

A DDoS (or indeed a DoS) can be used to help penetrate a network or system. This works in multiple ways but one of them is forcing a machine to reboot, allowing a potential exploit to become available. You can also use a (D)DoS to force the null routing of an IP, which means any large company will potentially then switch their DNS records over to a second, backup system/network to prevent loss of business. This then reveals this network to the hackers, allowing them to find another attack vector or also bring that network down.

Sadly I can't agree with Apexes that being able to DDoS constitutes being intelligent or acts as a basis for earning money (except, as proven by prior cases, to sell such services to businesses wishing to take out rivals) based on the "skill" of (D)DoSing. It's actually quite easy to DDoS these days with only a very simple understand of how networking works (the basics of IP will do). The reason for this is not because the task is simple, but because the tools that accomplish the task are simple, and the act of obtaining them is elementary. Do a Google/Wikipedia search for "botnet" and see what you can find out.

Hacking as whole requires a lot of skill and intelligence. Those who can "hack" (although the correct term would be "crack") are generally people who have spent a very large amount of time studying and understanding the very internal workings of computer hardware, networks and software. These people are the ones who tend to reverse-engineer software to find exploits, or review the openly available source code to some popular software, such as the Apache web server, in an effort to find a new flaw they can use, either against an existing target or for a potential targets in the future. This requires another trait - time and patience. All these skills rolled into a single individual can be incredibly dangerous for society or businesses, or they can be very good (they can be either black, grey or whit hats, for example).

Overall DDoSing is seen as a child-like act, but in reality it can and is used as a method of gaining entry to a computer system or network.

That's my two cents anyway.

 

I dislike any form of attack - it generally inconveniences genuine users or customers.

As Apexes said, there are different things at work here.
Hacking is getting in an accessing or changing data. A few of the recent high profile cases - such as the playstation network - the site being down as a result of the hack is usually a deliberate action by the site owner rather than a side effect of the hack itself.

Ddos may be childish compared to other attacks because I suppose it is fairly unrefined from a technical point of view. As to not gaining anything, well, that depends on what your intentions are. If you want to take down a website then it gains you that I guess.

Depends on who is doing the hacking. If it is a kid who has just watched a ddos video on youtube then that's one thing. If it's part of an attack by an organised group for political or competative gain, then I suppose that's something else.

 

Agreed, Sorry, i kinda worded that wrongly. I meant bigger organizations in terms of sending out DDoS's - rather than the script kiddie sat at his PC with a GUI, i meant the guys who hardcode this stuff in, create/setup botnets - the bigger picture, who seem to target the organizations, rather than the individual websites.

 

Ah right! Yes the peeps that sit there, hacking away at code, scanning networks and discovering fresh, new exploits specifically targeted at a specific business are usually amongst the intellectual elite... that rules me out then

 

Nevermind

 

A DDoS is childish but can be effective, if you get a decent sized botnet you can take down a website down for quite some time which will cost a company money in lost revenue as well as additional cost trying to filter out the DDoS traffic or switching your website to a different IP address and wait for DNS propagation or get hooked up with a faster Internet connection and more servers to handle the traffic.

But I have heard of botnet runners trying to demand money from companies to stop a DDoS attack or prevent one or renting out botnets to others so they can do a DDoS (or use the zombie computers for other things such as spam).

Most of the time I see DDoS attacks to be from lesser hackers trying to gain bragging rights by trying to take down a well known website, I know when I worked for MySpace several years ago MySpace would get hit with DDoS attacks at random times, it never worked because MySpace had major pipelines to the Internet and a huge amount of servers to handle the data load so at most the network bandwidth would spike up a few percent but never high enough that it would be noticeable.

Personally, I always thought of DDoS as an attack of last resort or out of frustration, if I can't crack my way into the network then send a DDoS attack to try to cause some damage.

GW