Slashdot Mirror

← Back to Stories (view on slashdot.org)

Downloads of DoS Attack Tool LOIC Spike

Posted by timothy on from the should-come-on-by-default dept.

wiredmikey writes "As Anonymous initiated what it said will be the 'largest attack ever on government and music industry sites' in response to actions taken by the Justice Department against operators of file sharing site Megaupload.com, downloads of a popular DoS attack tool have spiked. While the Denial of Service tool known as the 'Low Orbit Ion Cannon' (LOIC) was developed by the 'good guys' to stress test websites, it has been a favorite tool of Anonymous to take its targets offline via denial of service attacks. Interactions seen on Twitter and IRC, made it clear that the action against MegaUpload has sparked many more individuals to get involved in the online protests and download the LOIC to take part in the attacks and has resulted in a massive spike in downloads according Slashdot sister site Sourceforge."

40 of 267 comments (clear)

  1. And now script kiddies everywhere by Osgeld · · Score: 5, Funny

    have 2 new search terms to punch into google after the word download!

    1. Re:And now script kiddies everywhere by Osgeld · · Score: 4, Insightful

      ah racist troll, dumb as the tripe you spit out, Sydir was Russian and very much a guerrilla k thanks you dumb twat

      http://en.wikipedia.org/wiki/Sydir_Kovpak

    2. Re:And now script kiddies everywhere by Anonymous Coward · · Score: 4, Informative

      Yes, that's what we've called script kiddies since at least 1993.

      Script Kiddie = Someone who calls themselves a hacker, but doesn't actually know what they are doing, just using tools made by others.

      Back in the day, you could knock windows machines offline, steal the DUN passwords and then jack their accounts and do more mayhem using programs written by others. The peak was around the time of the Back Oriface utility... some dumb ISP's installed this scriptkiddieware onto their servers, and lolz were had.

      Windows has never been particularly secure operating system, but back in the Windows 3.1 and Windows 95 era, (before PPP was standard in the DUN) the security was non-existant. To this day I never save passwords when prompted to. Likewise ICS(NAT) was a new thing in Windows 98, which allowed for sharing internet connections with networked devices. It was also possible to reverse this and dial-in to machines that had two lines (or a backup dialout line,) and share the internet connections.

      Even as late as Windows XP SP1, there were still tools out there that can crash windows machines by simply connecting them to the internet without a firewall.

      Overall, that was the "fun years", when you could claim ignorance. As of Windows Vista, Windows is actually secure enough to not become infected the second you plug it in. Nowadays, most "hacking" to take down sites consists of just DDoS, and someone with a single connection can't overload someone else willy nilly. You have to get an army to do it. You want to see a potential SOPA solution? Anyone caught downloading infringing material must have their internet connection degraded to 512K down/up, (some ISP's have 1Mbit plans) upon warning sent via email. Clicking on a link in the email to acknowledge reading it, then restores the connection, and then leaves a 24 hour window in which no more emails will be sent. This way if an IP address is found "participating in malicious or illegal activity" it can just be crippled once to get the attention of the subscriber. If they continue past that point, they are not guaranteed to keep their internet access.

      I can assure you, especially with children, that all it takes is a warning every few months to get them to stop. But you have to add an embarrassing component to it, like DPI'ing the filename being transferred.

    3. Re:And now script kiddies everywhere by SuricouRaven · · Score: 4, Informative

      You might be surprised how weak some servers are. There are tools known as Slowloris and Anoctopus (They function in exactly the same way) that will disable a lot of servers with ease from even a low-bandwidth connection.

    4. Re:And now script kiddies everywhere by Jane+Q.+Public · · Score: 5, Funny

      You leave my sysdir out of this. She's due to get out in another year; she doesn't need any more trouble.

  2. Umm... by Anonymous Coward · · Score: 5, Insightful

    You're probably going to get caught if you don't know what you're doing.

    1. Re:Umm... by Hentes · · Score: 4, Insightful

      If you DoS from your own machine, you don't know what you are doing.

  3. Re:I took a LOIC in the ass by Osgeld · · Score: 4, Informative

    "Low Orbit Ion Cannon (LOIC) is an open source network stress testing and denial-of-service attack application, written in C#."

    God the AC's round here are getting fucking dumber

  4. Those downloading LOIC... by wbr1 · · Score: 5, Informative

    Those now downloading LOIC are not Anonymous.

    Seriously.. their IP has been logged!

    --
    Silence is a state of mime.
    1. Re:Those downloading LOIC... by wisnoskij · · Score: 4, Interesting

      I wonder if it is all people from outside of the USA? and I wonder if America would have any luck extraditing thousands of people for a single crime.
      I don't imagine that anyone non anonymously doing this in America really has a chance to get off easily. Something like this they are likely going to classify as terrorism.

      --
      Troll is not a replacement for I disagree.
    2. Re:Those downloading LOIC... by EdIII · · Score: 5, Funny

      That's absolutely hilarious.

      The whole idea of DoS is to flood the server with so many packets it cannot handle them all. TOR is so fucking slow you might as well be shunting the output of Hoover Damn through a silly straw.

      Not to mention the exit node for the connection is what is going to get picked up, and that is unlikely since TOR won't use 100% of the upstream.

      You just turned the beam from the Death Star down from "destroy" to "light tan".

    3. Re:Those downloading LOIC... by symbolset · · Score: 4, Informative

      LOIC has a javascript implementation where you can load a seemingly innocent page and then go to bed. Your browser will then hammer the affected sites 100,000 times an hour - and it's not your fault - because you can't be expected to know that a simple page can do that.

      --
      Help stamp out iliturcy.
  5. They're fools if they're not behind 7 proxies by DanTheManMS · · Score: 4, Informative

    After Operation Payback (the widespread use of LOIC against Bank of America, PayPal, and other entities that refused to process payments to Wikileaks), the FBI got involved. Raids were made. A freshman student at my own college was raided and had all his electronics taken away, and that was just for passively being an operator in an IRC channel that coordinated the attacks, not even running the tool himself.

    As an above poster said, LOIC is not anonymous. I hope these script kiddies aren't so foolish as to make the same mistakes twice.

    1. Re:They're fools if they're not behind 7 proxies by subreality · · Score: 5, Insightful

      I hope these script kiddies aren't so foolish as to make the same mistakes twice.

      Fuck that. I hope they do. DOS attacks are the lamest, most degenerate hacktivism ever. It doesn't change anyone's minds, it doesn't help create a better system, and it just causes damage in the process. The only thing it accomplishes is sating some primal desire for revenge, so I hope they get filtered out of the pool so the rest of us can go back to creating instead of defending.

      You want to try to make things better but you're feeling disenfranchised? Subvert the system. Work on decentralized DNS replacements. Work on anonymity networks. Work on improving Bitcoin to make it a serious contender. Generate content and release it for free.

      Don't destroy. Create.

    2. Re:They're fools if they're not behind 7 proxies by subreality · · Score: 4, Insightful

      Civil disobedience is flagrantly ignoring a law because it is unjust. If they ignore you, the sense of the law erodes. If they arrest you, you become a martyr. Either way you win. MegaUpload, The Pirate Bay, and all the positive things I mentioned earlier are civil disobedience.

      DOS attacks aren't like refusing to go to the back of the bus... They're sugar in the gas tank. Anonymous vandalism isn't going to generate sympathy from your fellow citizens.

    3. Re:They're fools if they're not behind 7 proxies by andydread · · Score: 4, Informative

      according to an episode of Mythbusters sugar does not work. Bleach on the other hand....

    4. Re:They're fools if they're not behind 7 proxies by jasomill · · Score: 5, Insightful

      Civil disobedience is flagrantly ignoring a law because it is unjust. If they ignore you, the sense of the law erodes. If they arrest you, you become a martyr. Either way you win. MegaUpload, The Pirate Bay, and all the positive things I mentioned earlier are civil disobedience.

      Thanks for mentioning this. I'd even go further and emphasize that, in practicing civil disobedience, one should welcome arrest, or at the very least not go out of one's way to evade it. In the words of Thoreau, "under a government which imprisons unjustly, the true place for a just man is also a prison."

      In my view, the MegaUpload case isn't even arguably civil disobedience. First, the accused maintain they did not violate any laws, unjust or otherwise. Second, assuming they did, and assuming they believe the laws are unjust, it's quite hard to maintain the moral high ground while also using massive financial gains from violating "unjust laws" to fuel incredibly extravagant lifestyles.

      In contrast, The Pirate Bay is a reasonable example. It's overt purpose is to wantonly violate what it believes are unjust copyright laws and to deny media companies the revenue they use to preempt discussion of copyright reform, and its maintainers have used whatever proceeds and attention they have gained from running the site to fuel further political action, not a fleet of expensive cars.

  6. Fight the power, Anon! by TiggertheMad · · Score: 5, Insightful

    I recently had an insight about Anon's activities. The reason hactivisim is gaining strength as a movement is because people are disenfranchised with society and seen conventional avenues of affecting change as a waste of time. The 'man' has a tight grip on the media, politicians and the police are being increasingly militarized for use on peaceful protesters.

    People are unhappy with the status quo. Unless change starts happening now and fast, I predict Anon's numbers and targets to grow substantially in the coming years.

    --

    HA! I just wasted some of your bandwidth with a frivolous sig!
    1. Re:Fight the power, Anon! by Anonymous Coward · · Score: 5, Insightful

      The reason hactivisim is gaining strength as a movement is because people are disenfranchised with society and seen conventional avenues of affecting change as a waste of time.

      Well, hear, hear. Obviously conventional avenues of effecting change are a waste of time; they have proven not to work. A bunch of nerds, techies, and assorted sending e-mails and letters to a representative? You get a standard text back. Bla-di-bla protect interests of creators bla-di-bla thousands of jobs.

      Now with Wikipedia and Google blacking out and providing the masses with uncensored information about SOPA and the obvious reaction, that it something that worked. That is why Dodd (MPAA) wants to meet in camera with the tech industry giants to see if they together can't work something out. The public again off the game board. And what are they going to do? Vote Democratic? You get what you have now: ACTA, SOPA/PIPA, etc. Vote Republican? Who knows what you would have gotten. Left or right, you lose.

      The only thing Dodd is scared about is a mainstream medium that is not part of the Entertainment Industry. A side-channel. What if that medium tasks itself to educating the public regarding copyrights and how ridiculous it is that a recording made in 1935 won't enter the Public Domain until 2067. What if it starts calling people to action? That is way more effective that DDOSing a few irrelevant sites.

    2. Re:Fight the power, Anon! by Anonymous Coward · · Score: 4, Insightful

      Taking a stand for MegaUpload? This is a perfect example of when anonymous gives itself a bad name.
      Kim DotCom is a greedy ruthlessly conniving pig of a man that makes wall street executives look noble in comparison. His success is based on the exploitation and stealing of others.

      This isnt fighting oppression, this is being a crybaby because you cant download your latest call of duty game in a few clicks

    3. Re:Fight the power, Anon! by flyingsquid · · Score: 5, Insightful

      I recently had an insight about Anon's activities. The reason hactivisim is gaining strength as a movement is because people are disenfranchised with society and seen conventional avenues of affecting change as a waste of time. The 'man' has a tight grip on the media, politicians and the police are being increasingly militarized for use on peaceful protesters. People are unhappy with the status quo. Unless change starts happening now and fast, I predict Anon's numbers and targets to grow substantially in the coming years.

      And these people are protesting what, exactly? That they might have to pay $8 in a theater to see the latest, oppressively stupid instalment of the "Transformers" franchise instead of getting to download it for free? Yeah, these guys are real crusaders for social justice.

      There's a right way and a wrong way to do online activism. Google and Wikipedia showed the right way to do it with their protests of SOPA. Their protests made a powerful statement about online freedom without attacking anyone, and it was amazing to see how quickly Congress retreated. By comparison, the Anonymous attacks just seem like a vindictive act of petty vandalism, by a bunch of kids who are angry because their parents have taken their toys away from them. It's not helping anything, if anything it's destructive. People are going to think "if this is what they mean by freedom of speech, then maybe I'm in favor of a little censorship".

    4. Re:Fight the power, Anon! by guttentag · · Score: 5, Insightful

      What if that medium tasks itself to educating the public regarding copyrights and how ridiculous it is that a recording made in 1935 won't enter the Public Domain until 2067.

      My favorite example of the ridiculousness of copyright abuse by the content industry is still Happy Birthday To You. The tune was first published in 1858... three years before Abraham Lincoln took office! Martin Van Buren, the country's 8th president, was still alive! Mark Twain wouldn't publish Tom Sawyer for another two decades! Yet this song was published in a few different forms over the next 80 years or so, and now the copyright on it does not expire until 2030... 172 years after it was first published. Think this is just some obscure case that no one takes seriously? Warner Music Group bought the rights to it in 1998, and as recently as 2008 they reported earning $5000 a day in royalties. Ever wonder why restaurant employees will embarrass you on your birthday but won't really sing Happy Birthday? Because it would be a public performance of a copyrighted work and they would be liable!

    5. Re:Fight the power, Anon! by bky1701 · · Score: 4, Insightful

      He was targeted because he offended the copyright industry. He is accused of doing something he did not, and should not be illegal anyway. That is why there was retaliation. If you valued freedom, you'd be calling for more. Instead, you cower and claim they "look bad" for standing up. You are despicable.

      --
      Great Intellect...
    6. Re:Fight the power, Anon! by dissy · · Score: 4, Informative

      We just got done with a well-constructed, well-reasoned, well-executed protest against SOPA and PIPA, and we killed those bills dead as a *direct result*.

      That simply has not happened.

      The sponsor of SOPA has recently also pushed new anti-childpornography laws through the house and congress, in preparation for attaching SOPA as a rider.

      He has already admitted the ONLY problem with the last SOPA was that he let the public know about it, giving them time to express their dislike, and has stated he learned from that mistake.

      As in, the damaging effects, the destruction it will cause, and the fact people are against it, he doesn't see any of that as a problem. Only that the public had time to counter it.

      This time next year, SOPA *WILL* be law.

      * Note I am not arguing in favor of DDoS either. You are quite right in that such attacks have not helped anything one bit, and are not part of any functioning solution.

  7. Re:Is it worth a year in a hellhole? by __aaqvdr516 · · Score: 5, Insightful

    Elections are coming up, don't give them any ideas for lofty goals that they might try to implement! I've seen them debate, they're all batshit crazy enough to try and do it.

  8. The Sheep’s Mere Sheep by Anonymous Coward · · Score: 5, Interesting

    ... easily dispersed should you strike the shepherd.

    Politicians, DoJ, even the RIAA and MPAA, these are mere sheep. Willing scapegoats, but immortal. You cannot destroy them. You must strike at the human minds behind.

    Take away the anonymity of the directors of the copyright owning corporations behind this. Expose their secrets. Illuminate their crimes. Dissolve their privacy, pull back the veil behind which they destroy human rights. Ruin their lives. Then tell them why. Tell the world why. Let them be a lesson.

    Do not be fooled into thinking your government is against you. Once educated, they will be your greatest ally. But they have been deceived. Strike at the heart of the corruption, not a symptom of it.

  9. Perhaps the mistake is ignoring the warning shots by Anonymous Coward · · Score: 5, Insightful

    I do agree with you, DOS attacks are pointless; however, what options are left? You make a bunch of statements but truthfully, all of them have been tried.

    I just had to switch ISPs since my current one decided that SSL connections would be limited to 7kb/s (Yes, just slightly higher than modem speeds) and I work from home and have to use a VPN. There reasoning is simply that file sharers are using SSL and they can't deep packet inspect them so there solution is to rate limit all SSL connections to a barely acceptable speed.

    As for subverting the system, or building something new to solve a problem that shouldn't exist, how many times must we do this? How many protocols for file sharing have been created already? They just keep adding laws or abusing laws or trying to force others to do their work for them (ISP, website owners, etc).

    Look at megaupload (I'm not a fan and have never used any file service like this) but the simple fact is that that company is no different than any other company (e.g., Google). The fact is that it is (or was) illegal to hold one person legally responsible for the actions of others, but that is exactly what the "law" is doing by arresting the owners of megaupload. At this point of time we no longer have Law (for the people), and without Law their is nothing left. The simple fact is this "token" assault is a peaceful demonstration (aka Internet equivalent of marching in the streets) that should be taken seriously; but as you, and others make clear, it will do nothing and/or provide fodder for even more laws. So at which point does the message have to go from peaceful to non-peaceful? This is what I am scared of as I believe there is little or no chance of a peaceful settlement anymore :( So I will encourage as much of this peaceful demonstration as much as possible for the small glimmer of hope that the message will get across before the worse case occurs....

    Back a person (including you) into a corner and sooner or later you realize you have no choice but to attack. High unemployment, unbalanced laws, misappropriation of laws/legal/justice, economic enslavement, loss of hope, loss of freedom, loss of the "american dream", and ignoring the will of the masses are all, in my opinion, signs that the perverbial shit is about to hit the fan....

    But keep thinking it's just about some kids that want to have some fun....

  10. Re:I took a LOIC in the ass by finkployd · · Score: 4, Funny

    Am not!

  11. Re:initiating first post blast by Anonymous Coward · · Score: 5, Insightful

    Ok so here's the real question.

    How many people have to be using it before the MafiAA and their paid goons in the government are required to stop calling it an "attack" and start calling it what it is, a civil protest no different from a lunch counter sit-in?

  12. Re:initiating first post blast by Anonymous Coward · · Score: 5, Insightful

    And neither does a DDoS. Also boycotts sometimes target entire supply chains or industries so I'm not sure that your analogy is anywhere close to be reasonable either from accuracy or as a decent comparison. I'm generally against these actions but acting like they don't have common ground with various disruptive non-violent tactics is silly. They are illegal, non-violent protest tactics just like lunch counter sit-ins wear. The real question is do they have moral legitimacy and will they be able to move beyond the disruptive force into a force that changes policy and cultural attitudes like other non-violent disruptions did in the physical world.

  13. Ineffective, as recent history shows by Okian+Warrior · · Score: 4, Interesting

    Yes, let's go back to working within the system because that has worked so well in the recent past.

    Have you been paying the slightest bit of attention?

    Do you honestly believe that educating the government will work when the entire SOPA blackout didn't?

    All attempts at working within the system have failed. It's time to try other avenues.

    Anonymous has chosen to promote change in their own way. It may work, it may not... but at least it has the *possibility* of working. We now know for certain that all the "right" ways will fail.

    Perhaps someone should come up with a system similar to kickstarter, where people can donate money to fund the opponent of congressmen they don't like.

    Lamar Smith introduced SOPA and is coming up for reelection this year (I think). Perhaps people should pledge money to a fund which will be given to his opponent, as a response.

    Perhaps someone should start a super-PAC org and take donations to air ads against him.

    There are lots of other things we could do - we just need some creativity.

  14. Re:Is it worth a year in a hellhole? by symbolset · · Score: 4, Insightful

    If you're holding out for a candidate that's not "fucking crazy" or "internet ignorant" I'm afraid you're going to have to set this election season out. Probably the next few too.

    --
    Help stamp out iliturcy.
  15. Re:initiating first post blast by shentino · · Score: 5, Insightful

    If a lunch counter sit in disrupted a politically well connected business it would be called an attack too.

  16. Re:initiating first post blast by shentino · · Score: 4, Insightful

    If a lunch counter sit in disrupted a politically well connected business it would be called an "attack" as well.

    As far as the feds are concerned it isn't about how strong the attack is, but who the victim is.

  17. Re:I took a LOIC in the ass by geminidomino · · Score: 5, Interesting

    And linux naming strikes again...

    Seriously, that's just bad luck. Half a page after the "script kiddie anti-defamation league" starts a mini-flamewar, and you go and point out that the linux version of the tool has a name that can be easily parsed as "Low IQ?"

    Yeesh. You can't make this stuff up. :)

  18. Re:initiating first post blast by sjames · · Score: 4, Informative

    Nor has this.

  19. Re:Stupid idea. by LordLucless · · Score: 5, Insightful

    If you want to protest, do so legally and publicly

    And inside your designated free speech zone.

    --
    Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
  20. Re:initiating first post blast by skoaldipper · · Score: 5, Funny

    Why, in my day we DoS'd by clicking on slashdot links, and by golly, we liked it!

    --
    I hope, when they die, cartoon characters have to answer for their sins.
  21. Re:initiating first post blast by Anonymous Coward · · Score: 5, Insightful

    Why does "anonymity" have anything to do with it?

    When hundreds of thousands of people showed up to hear Malcolm X or Martin Luther King, Jr. speak, was there some federal body requiring that everyone sign their name at the gate? Using facial recognition software to try to identify every single attendee? And if there were, would it not have been an infringement of the rights of free expression and association guaranteed by the Constitution?

    The "anonymity" of LOIC is furnished in the same way. It is not true and full anonymity, as FBI attacks and raids on previous LOIC participaters have shown. It is merely the anonymity of being in a large group of otherwise non-anonymous people, such that it would either (a) take too much time and effort for the corrupt goons of the FBI to hunt them down or (b) be prohibitively selective to haul off only a few people of a few thousand, ten thousand, or hundred thousand or more to subject to criminal proceedings.

    And yes, I'm posting as AC. My point: you don't have to have my name and face to see that what I am saying has value.

  22. Re:initiating first post blast by dead_cthulhu · · Score: 4, Insightful

    Perhaps they want (relative) anonymity because of draconian laws combined with third-world prison conditions in the US.