DDoS Tools Flourish, Give Attackers Many Options

[InfoSec News <alerts () infosecnews org>]

http://www.informationweek.com/news/security/attacks/232600497

By Mathew J. Schwartz
InformationWeek
February 09, 2012

How hard is it to launch a distributed denial-of-service (DDoS) attack?

Arguably, the hacktivist collective Anonymous has made launching DDoS 
attacks look easy, due to its high-profile DDoS campaigns against 
everyone from PayPal and MasterCard to the FBI and Department of 
Justice. In addition, Anonymous offered the promise of one-click attacks 
via its low orbit ion cannon (LOIC) DDoS attack tool.

While LOIC was great at building buzz for Anonymous, it also provided 
valuable intelligence for law enforcement agencies, since many users 
apparently didn't realize that the tool alone wouldn't obscure their IP 
address from the sites they attacked.

But LOIC, it turns out, is just one of many DDoS tools now available for 
online use, downloading, or renting. Indeed, there's now a thriving DDoS 
tool and botnet ecosystem that includes "single user flooding tools, 
small host booters, shell booters, remote access Trojans (RATs) with 
flooding capabilities, simple DDoS bots, complex DDoS bots, and some 
commercial DDoS services," said Curt Wilson, a research analyst at Arbor 
Networks, in a blog post. "Many types of threats can be blended into any 
given tool in order to make the tool more attractive and financially 
lucrative"--as in, profitable for whoever's renting out the DDoS 
capabilities.

[...]


______________________________________________________________________________
Certified Ethical Hacker and CISSP training with Expanding Security gives
the best training and support.
Get a free live class invite weekly.  Best program, best price.
www.ExpandingSecurity.com/PainPill