DDoS a client (not a server) – Digitalmunition

Home Forums DDoS a client (not a server)

This topic contains 1 reply, has 2 voices, and was last updated by  MrPoBot 1 month, 1 week ago.

  • Author
  • #370580


    I’m wondering whenever it is possible to perform a DoS/DDoS attack on a someone’s private pc rather than on a publicly available server. Assuming that the victim has a dynamic (DHCP) IP and probably all ports closed. With friends we did some experimentation. We tried several commonly known methods, but only ICMP PoD worked on one man with static IP. Everyone else was unaffected, despite me having almost 100 times greater bandwidth (10gbps vs 100mbps). All tools I was able to found on the internet were kinda useless. Finally, tried coding my own, but as I mentioned, only that dumb ping flood succeeded on just one friend.
    UDP/HTTP? Still ZERO lag. I’m still relatively new to networking, maybe that’s the reason that all failed. But hope some of you guys can explain me what’s wrong.

  • #370581


    Generally a DOS (DD-OS implies multiple hosts) is much more effective if you can actually get the client to respond and not just drop the connection. Generally if its running a, let’s say Apache server and your spamming it with requests even when configured properly to drop X amount of simultaneous connections it still had to evaluate that. A generic TCP packet on a closed port will usually just get dropped. you might also want to do some research into UPNP

  • #370582


    DDoS means Distributed Denial of Service. That means there is a service other people are trying to access, and you are denying them that. Servers provide services. A client isn’t providing anything for you to block, it is trying to access a service.

    If you want to slow someone else’s machine, you need to tie up their resources somehow. Flooding them with http packets does nothing because they’re just hitting a wall. Ping works because their network is accepting icmp packets and you are flooding their machine with them.

    You need to find a service on their machine that accepts connections from the internet (which there really shouldn’t be on a client) and attack that.

You must be logged in to reply to this topic.