This week, Dedicated Denial of Service, or DOS attacks hit the mainstream media big time, with the news that supporters of the WikiLeaks website were, as they saw it, fighting back against companies which had dared shun the site.
I’m no ‘hacker’, as large parts of the press like to term these armchair activists, but I have been familiar with the concept of what a denial of service attack is for a number of years. I had the pleasure of attending the Chaos Computer Club’s Easter Hack in Cologne back in 2008, and have watched these shadowy free-speech absolutists with admiration for years.
To perform a DOS attack such as operation payback, or #payback, you get as many people, or simply computers, to head for the same website at once, and hey presto, said website can’t cope with the requests.
So today, I thought I’d look at how to join operation payback, indeed how to join in a DOS attack, from a technical point of view. There’s no immediate masking of IP addresses with the software in question, so you can get caught pretty easy if your ISP wanted to assist your local authorities in this legal grey-area, but as a journo, it’s my right to find out ;)
It’s hilariously simple – although not as simple as the the most simple method, basically visiting the site in your browser. First, it seems most of the ‘anonymous’ peeps and others are using LOIC – or Low Orbit Ion Cannon – a very easy to operatre desktop client that fires off requests to a certain website. It’s a tongue-in-cheek name for a very 21st century form of conflict – although I’d hesitate to call it war as ‘the media’, which I’m a part of, has done. Activism, it certainly is.
There are plenty of places hosting LOIC for download. There may be other pieces of software for DOS attacks for the not-too-tech-savvy punter out there, but this could not be easier. You load it up, put your URL in (in this case, Visa, Mastercard, Amazon et al), and press the big button which says something along the lines of ‘Imma fire mah lazer’, and hey presto, you’re sending oodles of requests to the servers, along with your comrades, who’ve presumably used Twitter or chat rooms to all do it at the same time.
It’ll be fascinating to watch this sort of activism develop in the coming years.
- What Is LOIC? [Anonymous] (gizmodo.com)
- Wikileaks DOS Attack Tool: Not Anonymous (littlegreenfootballs.com)
- The Techpocalypse is DANGEROUSLY close (thenormanomicon.wordpress.com)
- How Operation Payback Executes Its Attacks (mashable.com)
- Pirate Bay appeal failure spawns more DoS attacks (go.theregister.com)
- WikiLeaks fans should think before they botnet (news.cnet.com)
- Dutch police arrest 16-year-old WikiLeaks avenger (descentintodarkness.wordpress.com)
- WikiLeaks: DDOS Attacks Reflect ‘Public Opinion’ (pcworld.com)