1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hacking and using DDOS

Discussion in 'The Lounge - Off Topic' started by j1mgg, Jun 29, 2011.

  1. j1mgg

    j1mgg Kilobyte Poster

    341
    5
    39
    after reading the numerous stories in the past few months and people bringing down websites by using DDOS and being labelled as hackers it got me wondering about something.

    I thought that people that is the sense were true hackers frowned upon using ddos as it is a very basic and childish way of doing something and really doesnt gain anything. I may be wrong but thought I would see your insights to what you think about this and using DDOS.

    cheers
     
    Certifications: Comptia A+, ITIL V3 Foundation, MCDST, 70-270, 70-290
    WIP: 70-291, security+ and SSCP
  2. Apexes

    Apexes Gigabyte Poster

    1,051
    78
    141
    I wouldn't call a DDoS a hack necessarily, it's basically someone intitiating thousands of packets being sent to a server via several computers, it's not actually getting inside of their network, it's just causing a server to have so much data that it can't possibly respond, and that's why it times out.

    DDoS, is a Distributed Denial of Service attack, i.e - multiple systems flood the bandwidth.

    Denial-of-service attack - Wikipedia, the free encyclopedia has a good breakdown of DoS attacks and what the mean.

    Actual hacking into systems, i.e what these lulzsec lot have done would be alot different to these, if what the media reports is correct (Them obtaining actual data)

    Either way, anyone who does either hacking or ddos' have alot of knowledge, if they put it to good use i'm sure thye could make mega $$$ in an actual job, but 9/10 of them are social recluse's who rarely leave their house and have problems with the real world.
     
    Last edited: Jun 29, 2011
    Certifications: 70-243 MCTS: ConfigMgr 2012 | MCSE: Private Cloud
  3. mcrilly

    mcrilly Byte Poster

    108
    1
    46
    Apexes pretty much answered your question, but...

    A DDoS (or indeed a DoS) can be used to help penetrate a network or system. This works in multiple ways but one of them is forcing a machine to reboot, allowing a potential exploit to become available. You can also use a (D)DoS to force the null routing of an IP, which means any large company will potentially then switch their DNS records over to a second, backup system/network to prevent loss of business. This then reveals this network to the hackers, allowing them to find another attack vector or also bring that network down.

    Sadly I can't agree with Apexes that being able to DDoS constitutes being intelligent or acts as a basis for earning money (except, as proven by prior cases, to sell such services to businesses wishing to take out rivals) based on the "skill" of (D)DoSing. It's actually quite easy to DDoS these days with only a very simple understand of how networking works (the basics of IP will do). The reason for this is not because the task is simple, but because the tools that accomplish the task are simple, and the act of obtaining them is elementary. Do a Google/Wikipedia search for "botnet" and see what you can find out.

    Hacking as whole requires a lot of skill and intelligence. Those who can "hack" (although the correct term would be "crack") are generally people who have spent a very large amount of time studying and understanding the very internal workings of computer hardware, networks and software. These people are the ones who tend to reverse-engineer software to find exploits, or review the openly available source code to some popular software, such as the Apache web server, in an effort to find a new flaw they can use, either against an existing target or for a potential targets in the future. This requires another trait - time and patience. All these skills rolled into a single individual can be incredibly dangerous for society or businesses, or they can be very good (they can be either black, grey or whit hats, for example).

    Overall DDoSing is seen as a child-like act, but in reality it can and is used as a method of gaining entry to a computer system or network.

    That's my two cents anyway.
     
    Certifications: CCENT
    WIP: CCNA, RHCE, & VCP
  4. JonnyMX

    JonnyMX Petabyte Poster

    5,239
    211
    236
    I dislike any form of attack - it generally inconveniences genuine users or customers.

    As Apexes said, there are different things at work here.
    Hacking is getting in an accessing or changing data. A few of the recent high profile cases - such as the playstation network - the site being down as a result of the hack is usually a deliberate action by the site owner rather than a side effect of the hack itself.

    Ddos may be childish compared to other attacks because I suppose it is fairly unrefined from a technical point of view. As to not gaining anything, well, that depends on what your intentions are. If you want to take down a website then it gains you that I guess.

    Depends on who is doing the hacking. If it is a kid who has just watched a ddos video on youtube then that's one thing. If it's part of an attack by an organised group for political or competative gain, then I suppose that's something else.
     
    Certifications: MCT, MCTS, i-Net+, CIW CI, Prince2, MSP, MCSD
  5. Apexes

    Apexes Gigabyte Poster

    1,051
    78
    141
    Agreed, Sorry, i kinda worded that wrongly. I meant bigger organizations in terms of sending out DDoS's - rather than the script kiddie sat at his PC with a GUI, i meant the guys who hardcode this stuff in, create/setup botnets - the bigger picture, who seem to target the organizations, rather than the individual websites.
     
    Certifications: 70-243 MCTS: ConfigMgr 2012 | MCSE: Private Cloud
  6. mcrilly

    mcrilly Byte Poster

    108
    1
    46
    Ah right! Yes the peeps that sit there, hacking away at code, scanning networks and discovering fresh, new exploits specifically targeted at a specific business are usually amongst the intellectual elite... that rules me out then :cry:
     
    Certifications: CCENT
    WIP: CCNA, RHCE, & VCP
  7. jk2447

    jk2447 Petabyte Poster Moderator

    5,481
    352
    249
    Its not that its childish, its just one way to impact a target, obvious morally wrong but within certain circles not considered childish. It could be argued that it is less malicious than gaining access to a network and destroying a database say as once the attack stops the target is relatively unchanged. I think this is why Anon use it IMHO.

    If someone only knew how to do a DDOS then you could say they are not particularly skilled.

    With regard to "hackers" being reclusive social outcasts, I believe this is an outdated stereotypical view. Kind of like saying you're dim if you're blonde. I think some of them only develop aspergers when the police pick them up ha ha
     
    Certifications: BSc (Hons), HND IT, HND Computing, ITIL-F, MBCS CITP, MCP (270,290,291,293,294,298,299,410,411,412) MCTS (401,620,624,652) MCSA:Security, MCSE: Security, Security+, CPTS, VCP4, CCA (XenApp6.5), MCSA 2012, VCP5, VCP6-NV
  8. Apexes

    Apexes Gigabyte Poster

    1,051
    78
    141
    Nevermind
     
    Certifications: 70-243 MCTS: ConfigMgr 2012 | MCSE: Private Cloud
  9. mcrilly

    mcrilly Byte Poster

    108
    1
    46
    :cry:
     
    Certifications: CCENT
    WIP: CCNA, RHCE, & VCP
  10. GW

    GW Byte Poster

    119
    4
    39
    A DDoS is childish but can be effective, if you get a decent sized botnet you can take down a website down for quite some time which will cost a company money in lost revenue as well as additional cost trying to filter out the DDoS traffic or switching your website to a different IP address and wait for DNS propagation or get hooked up with a faster Internet connection and more servers to handle the traffic.

    But I have heard of botnet runners trying to demand money from companies to stop a DDoS attack or prevent one or renting out botnets to others so they can do a DDoS (or use the zombie computers for other things such as spam).

    Most of the time I see DDoS attacks to be from lesser hackers trying to gain bragging rights by trying to take down a well known website, I know when I worked for MySpace several years ago MySpace would get hit with DDoS attacks at random times, it never worked because MySpace had major pipelines to the Internet and a huge amount of servers to handle the data load so at most the network bandwidth would spike up a few percent but never high enough that it would be noticeable.

    Personally, I always thought of DDoS as an attack of last resort or out of frustration, if I can't crack my way into the network then send a DDoS attack to try to cause some damage.

    GW
     
    Certifications: MCP x4, CompTia x3
    WIP: Cisco CCNA

Share This Page

Loading...