Salted Hash — IT security news

About this Blog:

IT security news analysis, over easy!

Bill Brenner

LOIC and d0z.me: The things kids teach us

Some of you didn't like a story my pal George V. Hulme wrote for CSO on a tool called LOIC (the Low Orbit Ion Cannon) and how it goes to show the simplicity with which anyone can launch a DDoS these days.

The biggest criticism was that LOIC is overblown as a security threat. Here are a couple of such comments that were posted after the story went live:

"LOIC has been around for quite some time, this is nothing new and in fact there are more powerful tools to use than this. Go ask The Jester. (The) article is behind the times."

"(The) previous comment is correct. Plus a large part of DDoS was from botnets brought into the fray. Look at Arbornet's analysis. LOIC is responsible for very little."


[The Arbor Networks analysis was pretty striking. Read about it here.]

Fair points from our readers. But the larger point of the story was that it's getting ridiculously easy for novices to find free tools to hurt their cyber neighbors with.

Here's another example, which I found this morning on the Softpedia site:

Ben Schmidt (@supernothing307 on Twitter), a computer science major at the University of Tulsa and self-described security enthusiast, has cooked up a new toy he calls d0z.me.

This service makes shortened links that take you to your desired website but hijacks your browser for DDoS duty in the process.

Ben said in his blog that he wants to shine a light on the insidious, dangerous nature behind many of the URL shorteners available to us.

He also described how the whole thing works:

"The concept is quite simple, really. Attackers go to d0z.me and enter a link they think could be popular/want to share, but also enter the address of a server that they would like to attack as well. Then, they share this text with as many people as possible, in as many places as possible. Extensive use of social media sites is probably a must to achieve the best results.

"When users click on the link, they appear to be redirected to the requested content, but they are in fact looking at the page in an embedded iframe. This is identical to how those rather annoying Digg and Stumbleupon toolbars work, except the embedding is invisible to the user (minus the location URL in the toolbar). While the users are busy viewing the page, a malicious JavaScript DoS runs in the background, hammering the targeted server with a deluge of requests from these unsuspecting clients. If these clients continue browsing from that page, we can maintain our DoS in the background the entire time."
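
From the targeted server's side, the traffic Ben describes has a recognizable shape: many unrelated clients sending bursts of requests that all originate from the same third-party page. The sketch below is an added example, not code from Ben's post or from d0z.me; it assumes Combined Log Format access logs and that the browsers send a Referer header naming the framing page, and the host names, thresholds and log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import urlparse

# Combined Log Format: ip - - [time] "request" status bytes "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" '
    r'\d{3} \S+ "(?P<ref>[^"]*)" "[^"]*"$')

def parse(line):
    """Return (timestamp, client_ip, referer_host) or None for unparsable lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return ts, m["ip"], urlparse(m["ref"]).hostname or "-"

def suspicious_referers(lines, own_hosts, window=timedelta(seconds=60),
                        min_clients=3, min_requests=30):
    """Map each third-party referer host to (clients, requests) in its busiest
    window, keeping only hosts that cross both thresholds (assumed values)."""
    by_ref = defaultdict(list)
    for ts, ip, host in filter(None, map(parse, lines)):
        if host != "-" and host not in own_hosts:
            by_ref[host].append((ts, ip))
    flagged = {}
    for host, events in by_ref.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # slide the window forward
            span = events[start:end + 1]
            clients = {ip for _, ip in span}
            if len(span) >= min_requests and len(clients) >= min_clients:
                if len(span) > flagged.get(host, (0, 0))[1]:
                    flagged[host] = (len(clients), len(span))
    return flagged

def sample_log():
    """Constructed data: 4 clients x 10 hits referred by one framing page, plus normal traffic."""
    fmt = ('{ip} - - [01/Jan/2011:10:00:{s:02d} +0000] "GET / HTTP/1.1" '
           '200 512 "{ref}" "Mozilla/5.0"')
    flood = [fmt.format(ip=f"203.0.113.{c}", s=s, ref="http://shortener.example/abc")
             for c in range(1, 5) for s in range(10)]
    normal = [fmt.format(ip="198.51.100.7", s=s, ref="http://search.example/?q=x")
              for s in range(3)]
    normal.append(fmt.format(ip="198.51.100.8", s=5, ref="http://www.site.example/"))
    return flood + normal

if __name__ == "__main__":
    print(suspicious_referers(sample_log(), own_hosts={"www.site.example"}))
```

A flagged referer host is a lead for rate limiting or blocking at the edge, not proof on its own; a popular legitimate link can produce the same pattern.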


I think Ben's endeavor illustrates George's point pretty well. I also think he and other hackers are right to try to raise awareness of the dangers everyone now faces online.

What stinks is that these tools always end up in the wrong hands.

Chalk it up as just another chapter in the never-ending battle between good and evil, and be careful out there.

--Bill Brenner


