User:RaymondLiugq/sandbox

From Wikipedia, the free encyclopedia


High Orbit Ion Cannon
Written in: BASIC
Operating system: Windows, Mac OS, Linux
Size: 1.8 MB
Available in: English
Type: Network testing
License: Public domain
Website: HOIC at SourceForge

High Orbit Ion Cannon (HOIC) is an open source stress testing and denial-of-service attack application. It acts as a replacement for the Low Orbit Ion Cannon. The HOIC tool was developed during the conclusion of Operation Payback.[1]

The use of both Low Orbit Ion Cannon and HOIC for launching DDoS attacks was popularized in recent years by the hacktivist group Anonymous.[2] Unlike its “low-orbiting” cousin, HOIC is able to cause DoS through the use of HTTP floods. Additionally, HOIC has a built-in scripting system that accepts .hoic files called “boosters”, allowing a user to implement some anti-DDoS randomization countermeasures as well as to increase the magnitude of the attack.[3] Because HOIC is inherently a DDoS program, it has been suggested that it requires a minimum of 50 users to successfully take down a website.[4] When multiple people use HOIC at once on the same target, the damage can grow exponentially higher.[5]

While HOIC still has no significant obfuscation or anonymization techniques to protect the user, the use of .hoic “booster” scripts allows the user to specify a list of rotating target URLs, referrers, user agents, and headers in order to more effectively cause a DoS condition by attacking multiple pages on the same site, as well as to make it seem like attacks are coming from a number of different users.

Origin of name

The HOIC application is adapted from its predecessor, the LOIC, named after the ion cannon, a fictional weapon from many sci-fi works, and in particular after its namesake from the Command & Conquer series of video games.[6]

Use

HOIC is essentially a simple script for launching HTTP POST and GET requests at a targeted server, wrapped in a friendly graphical interface.[7] HOIC primarily performs a denial-of-service (DoS) attack (or, when used by multiple individuals, a DDoS attack) on a target site by sending excessive traffic in an attempt to overload the site and bring it down. HOIC uses “boosters” (custom scripts) to target more than just a website’s home page. An unauthenticated, remote attacker using HOIC could send traffic to a targeted URL in an attempt to overload the targeted website, resulting in a denial-of-service condition. In addition, HOIC can target up to 256 web addresses simultaneously, making this tool a powerful resource for hackers who are attempting to conduct DDoS attacks.[8]

The number and firepower of botnets grow dramatically each year, as does the sophistication of application attack toolsets. HOIC and succeeding generations of volunteer botnet-controlled PCs may evolve to pose a significant Internet-wide threat. However, traditionally the DDoS threat has come more from increasingly professional criminal hackers than from volunteer activists.[9]

Limitations

HOIC requires a coordinated group of users to ensure that the attacks are successful. Without group participation, an attack is unlikely to result in the target’s downtime. Although HOIC attempts to evade detection through randomization, analysts were able to identify several static attributes that make mitigation of attacks from this tool a fairly simple process.[10]

Freely available anonymizing networks generally aren’t up to the task of handling the bandwidth of attacks. Attempting to launch HOIC or other DDoS tools over Tor would amount to an attack on that network itself—and on the users who use it to protect themselves.[11]

Legality

Using HOIC to mount a distributed denial-of-service attack on a website can result in a prison sentence. There have been many cases where individuals used similar tools like LOIC to launch attacks on various websites that led to their arrest. After Operation Payback, criminal charges were brought against 13 members of Anonymous. They were charged with one count of "conspiracy to intentionally cause damage to a protected computer" for events that took place from Sept. 16, 2010 to Jan. 2, 2011.[12] Mere orchestration of an attack might also lead to a jail term. One example is Christopher Weatherhead, known as "Nerdo", who was 20 years old when he was involved in the Mastercard DDoS attack. He was convicted of "conspiracy to impair the operation of computers" and faced the prospect of up to 10 years in jail. Eventually he was sentenced to 18 months in prison in January 2013.[13] The Computer Crime and Intellectual Property Section of the US Department of Justice handles cases of DDoS.[14] However, Anonymous have petitioned the Government of the United States by posting a petition on the whitehouse.gov site, demanding that DDoS attacks be recognized as a form of virtual protest similar to Occupy protests.[15]

Primarily, HOIC has been designed as a stress testing tool and can be used on a local network to stress test it as long as no other networks or URLs are disrupted. It is perfectly fine to test locally hosted or pretend web sites, since it was originally a stress test tool. To ensure extra safety, remember to turn off your internet connection (router, cable modem or WiFi) before starting.[16]

Countermeasures

There are several aspects of DDoS mitigation that administrators need to be aware of to be able to effectively combat this potentially dangerous attack tool. A number of vendors are offering "DDoS resistant" hosting services, mostly based on techniques similar to content distribution networks. Distribution avoids a single point of congestion and prevents the DDoS attack from concentrating on a single target. In addition to using a solid firewall strategy, administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent DDoS attacks.[17]
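The following detection sketch is an added example, not taken from the cited sources. Booster scripts rotate user agents and referrers so that one client resembles many, but the requests still share a source address, so the sketch flags addresses that combine a high request rate with many distinct User-Agent values in a short window. The combined log format, the thresholds and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Combined log format: ip - - [time] "METHOD path proto" status bytes "referer" "user-agent"
LOG_RE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" \d{3} \S+ "[^"]*" "([^"]*)"')

def parse(line):
    """Parse one log line into (ip, timestamp, path, user_agent), or None if malformed."""
    m = LOG_RE.match(line)
    if m is None:
        return None  # skip malformed lines instead of failing the whole run
    ip, ts, path, ua = m.groups()
    return ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), path, ua

def flag_rotating_clients(lines, window_s=10, min_requests=20, min_agents=4):
    """Return {ip: (requests, distinct_agents)} at the first window tripping both thresholds."""
    recent = defaultdict(deque)  # ip -> (timestamp, user_agent) pairs inside the window
    flagged = {}
    for rec in filter(None, map(parse, lines)):
        ip, ts, _path, ua = rec
        q = recent[ip]
        q.append((ts, ua))
        while (ts - q[0][0]).total_seconds() > window_s:
            q.popleft()  # drop requests that fell out of the sliding window
        agents = {u for _, u in q}
        if ip not in flagged and len(q) >= min_requests and len(agents) >= min_agents:
            flagged[ip] = (len(q), len(agents))
    return flagged

def sample_log():
    """Constructed traffic: a rotating flood source, a fast single-agent client, a slow NAT."""
    t0 = datetime(2012, 1, 19, 21, 0, 0, tzinfo=timezone.utc)
    fmt = '{ip} - - [{ts}] "GET {path} HTTP/1.1" 200 512 "{ref}" "{ua}"'
    rows = []
    for i in range(30):  # 30 requests in about 6 s from each of the two fast clients
        ts = t0 + timedelta(milliseconds=200 * i)
        rows.append((ts, "203.0.113.7", f"/page{i % 3}", f"http://ref{i % 4}.example/", f"Agent-{i % 5}"))
        rows.append((ts, "198.51.100.20", "/health", "-", "uptime-monitor/1.0"))
    for i in range(6):   # shared address: several browsers, but a low request rate
        rows.append((t0 + timedelta(seconds=10 * i), "192.0.2.44", "/", "-", f"Browser-{i}"))
    rows.sort(key=lambda r: r[0])
    return [fmt.format(ip=ip, ts=ts.strftime("%d/%b/%Y:%H:%M:%S %z"), path=p, ref=r, ua=u)
            for ts, ip, p, r, u in rows]

if __name__ == "__main__":
    for ip, (n, agents) in flag_rotating_clients(sample_log()).items():
        print(f"{ip}: {n} requests, {agents} distinct User-Agents within 10 s")
```

Requiring both conditions keeps a busy single-agent monitor and a shared NAT address with several browsers out of the result; real thresholds should be tuned against a site's normal traffic.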

Attack on the Justice Department

HOIC was first utilized by the hacking group Anonymous, when they launched a cyber attack on the website of the US Department of Justice. It was done in retaliation for the crackdown by federal agents on the file-sharing website Megaupload. Over the course of a few hours, hacktivists involved with the loose-knit group Anonymous waged attacks on site after site, and before long, the web presence for the Recording Industry Association of America (RIAA), Motion Picture Association of America (MPAA), Broadcast Music, Inc., or BMI. Finally, as the day drew to a close, the website belonging to the FBI was hit repeatedly before finally succumbing to attacks and acquiring a “Tango Down” status. Anonymous claimed that it was "the single largest Internet attack in its history", while it was reported that as many as 27,000 user agents were taking part in the attack.[18][19]

References

  1. "High Orbit Ion Cannon (HOIC) Threat Advisory". stateoftheinternet.com. 2012-02-23. Retrieved 2015-04-06.
  2. "Definition of HOIC". radware.com. 2012-09-27. Retrieved 2015-04-06.
  3. "DDoS Attacks: Motives, Mechanisms and Mitigation" (PDF). Stephen Gates. 2013-05-16. Retrieved 2015-04-06.
  4. "What is HOIC". Sam Biddle. 2012-02-18. Retrieved 2015-04-06.
  5. "How DDoS Attacks Work, And Why They're So Hard To Stop". Jason Schreier. 2014-12-31. Retrieved 2015-04-06.
  6. "Low Orbit Ion Cannon". Web.archive.org. 2012-09-27. Retrieved 2015-04-06.
  7. "High Orbits and Slowlorises: understanding the Anonymous attack tools". arstechnica.com. 2012-02-16. Retrieved 2015-04-06.
  8. "Glimpse into some hacking techniques". Avkash K. 2012-03-15. Retrieved 2015-04-06.
  9. "The internet goes to war". Craig Labovitz. 2010-12-14. Retrieved 2015-04-10.
  10. "Threat: High Orbit Ion Cannon v2.1.003" (PDF). prolexic.com. 2012-02-16. Retrieved 2015-04-06.
  11. "High Orbits and Slowlorises: understanding the Anonymous attack tools". arstechnica.com. 2012-02-16. Retrieved 2015-04-06.
  12. "US charges 13 Anonymous members for DDoS attacks". Cisco. 2013-08-16. Retrieved 2015-04-06.
  13. "What is LOIC and can I be arrested for DDoS'ing someone?". Troy Hunt. 2013-01-29. Retrieved 2015-03-06.
  14. "United States Code: Title 18,1030. Fraud and related activity in connection with computers | Government Printing Office". www.gpo.gov. 2002-10-25. Retrieved 2015-04-18.
  15. "Anonymous DDoS Petition: Group Calls On White House To Recognize Distributed Denial Of Service As Protest". HuffingtonPost.com. 2013-01-12. Retrieved 2015-04-16.
  16. "Hackers' kit bag: the tools that terrorise the internet". James H. Hamlyn-Harris. 2015-03-09. Retrieved 2015-04-16.
  17. "High Orbit Ion Cannon Distributed Denial of Service Tools". Cisco. 2012-02-16. Retrieved 2015-04-06.
  18. "Anonymous Takes Down FBI, RIAA, DOJ and White House Following Megaupload Closure". Softpedia. Retrieved 18 April 2015.
  19. Kovacs, Eduard (January 20, 2012). "27,000 Computers Participating in OpMegaupload DDoS Attack (Exclusive)". Softpedia. Retrieved 18 April 2015.