nanog mailing list archives
RE: LOIC tool used in the "Anonymous" attacks
From: "Stefan Fouant" <sfouant () shortestpathfirst net>
Date: Sat, 11 Dec 2010 12:34:20 -0500
-----Original Message----- From: Marshall Eubanks [mailto:tme () multicasttech com] Sent: Saturday, December 11, 2010 10:20 AM To: North American Network Operators Group Subject: LOIC tool used in the "Anonymous" attacks Interesting analysis of the 3 "LOIC" tool variants used in the "Anonymous" Operation Payback attacks on Mastercard, Paypal, etc. http://www.simpleweb.org/reports/loic-report.pdf LOIC makes no attempt to hide the IP addresses of the attackers, making it easy to trace them if they are using their own computers.
IMO, LOIC is a very unsophisticated tool. There are methods the attackers could have used to obfuscate their IP (while still employing a complete TCP 3-way handshake) if they were a bit more knowledgeable. Although it's equivalent to a sophomore year CS project, it has benefit of being "easy to use" and so lowers the barrier to entry for would-be script kiddies looking for a fun afternoon. There is also evidence of its use in the wild outside of "the hive". I think the skill level of these guys is clearly evidenced by one of the members who forgot to remove the metadata from their most recent "press release". Stefan
Current thread:
- LOIC tool used in the "Anonymous" attacks Marshall Eubanks (Dec 11)
- Re: LOIC tool used in the "Anonymous" attacks Beavis (Dec 11)
- RE: LOIC tool used in the "Anonymous" attacks Stefan Fouant (Dec 11)
- Re: LOIC tool used in the "Anonymous" attacks John Adams (Dec 11)
- Re: LOIC tool used in the "Anonymous" attacks Leo Bicknell (Dec 11)
- Re: LOIC tool used in the "Anonymous" attacks Marshall Eubanks (Dec 11)
- <Possible follow-ups>
- Re: LOIC tool used in the "Anonymous" attacks andrew.wallace (Dec 11)
- Re: LOIC tool used in the "Anonymous" attacks mikea (Dec 13)
- Re: LOIC tool used in the "Anonymous" attacks andrew.wallace (Dec 11)