DOS Attack help...EDUCATIONAL PURPOSE ONLY

[akfg666]

I am going to start off this thread with a very clear disclaimer:

MY QUESTION HERE IS FOR EDUCATIONAL PURPOSES ONLY AND ANY INFORMATION GAINED FROM THIS THREAD WILL NOT BE USED IN ANY MALICIOUS OR ILLEGAL WAY.

For one of my uni assignments, we are doing a sort of "battleships" game in which we program in tactics to a shell and run that shell on a server being hosted by the tutor and our battleships will run the tactics and hunt out and destroy the other students. Now, our mark is based on where we are in the ranking system and our tutor has given us ideas as to how to help ourselves, one of which he has hinted at is DOSing another student/ the main server.

This is something that interests me greatly and because of my course, would benefit me to know, however, I have no idea how I would go about DOSing another student/ the server within the room. If anyone on here had tutorials or advice then that would be greatly appreciated.

Again:

THIS IS FOR EDUCATIONAL PURPOSES ONLY

 

[DoPo]

Erm...I'm not entirely sure you actually mean DoS-ing there. Just to clarify, DoS stands for "denial of service" (or DOS as in Disk Operating System but it's clear that's not what you're after). It is basically any activity that forces the victim (a machine or a service, usually) to expend computing resources for something else, rather than service other users. Or very basically, it's overloading the target with information to the point they are not doing much else than handling it in some way or another. The most basic example is flooding a server (or any machine and/or service exposed to a network) with network traffic (packets/requests/connections) until there is no bandwith left for legitimate requests. Sort of zerg rushing the gates until nobody can enter them any more. Another tactic is to target a computationally expensive bit of functionality and overuse it to the point when the service is unable to process anything else. Point is, as I said - you deny resources to others.

That's pretty much what DoS is. Really - there is not much more to it. There is "DDoS", as well, where the first letter stands for "distributed". It's absolutely the same thing as DoS, but the attack comes from multiple places. So instead of one machine attempting to flood the bandwith of a server, you may have 100. At any rate, it's simply the implied scale that is different.

I do not see how this would be useful, though. From the scenario you suggest, it seems that a DoS attack would be equally harmful to you as is to them as nobody would be able to do anything if the machine is dead. Unless there is a time limit involved in some way I guess. There must be something either me or you is missing, if this is to work. "DoS-ing" another user on a machine is pretty much impossible, unless the machine has quotas in place for users but even then, you'll need to break into and use another user but at that point, you shouldn't bother with DoSing, as you are logged in as another user. If you DoS the machine, then you are at a disadvantage as well, unless, as I said, there is a timelimit and grinding everything to a halt benefits you in some way. Also, if the machine is used by anybody else outside this assignment, it's a really, really bad idea to do that.

 

[renegade7]

In simple terms, a denial of service attack is anything that cuts a person off from accessing a service.

Popularly, this refers to a distributed denial of service attack, DDoS. A virus creates a botnet of computers, when the attack is launched, this botnet repeatedly spams the target server with access requests at a rate with which it cannot keep up. The server either becomes too bogged down to access, or crashes.

However, you are not going to be able to do this to another personal computer on your network. If this is a school, and you're all using the same computers in a computer lab, the amount of traffic you'd need to generate to bog down another computer on your network will also do the same to yours, and you've got no prayer if it's a single personal computer (least of all the workstations that normally inhabit school computer labs) against a server.

There are other ways, however. It could be as simple as blocking people's MAC addresses from a wifi router.

Honestly though, any of that would be a big expenditure of time, it's not something you'll just be able to write a script for before hand. IMO, you're better off just playing fair and writing code to protect yourself from attacks.

 

[akfg666]

Ah yea, I forgot to mention that there is a time limit to the game that will be played and my tutor said that anyone who can successfully crash the server gets extra marks hence why I was seeing if there was a way to do it haha and the way I'd hope it might work would be to send so much traffic to the client PC that it would be unable to send commands to the bot server side and thus it would be a sitting duck unable to move or defend

 

[DoPo]

If a crash is what you want, and and everything works on a single mashine, then why not just fork bomb it?

){ :|:& };:

I assume it's running a *NIX OS - so while crude, it'd be effective. Then again, it might not be as easy as that - your teacher may have at least some security on the mashine and fork bomb is a pretty basic thing anyway - if he did protect against it, you'd only harm yourself with a forkbomb[footnote]Actually, if I was at his place, I'd totally do that and laugh as students disqualify themselves through forbombing essentially themselves[/footnote]. There was something called...eh, something like "tips to piss of an Unix admin" or along those lines, which had dirty tricks to do in a *NIX environment - making infinitely big files, fork bombs, taking over the CPU and such.

However, I'd advise to NOT try any of them on any legitimate machine and I'd also actually advise NOT to do it for this assignment. While it certainly does seem like fun, it might be more trouble than its worth to find a vulnerability in the computer you'll be running on. Indeed, since your teacher mentioned it, I would assume it might not be that easy. And I mean no offence but if you decided to ask here how to exploit the machine, then I would assume your skills and knowledge may not be up to the task. Again, I am not trying to insult you - we are not born with all the knowledge, after all, learning takes time. Since you are interested, though, I would advise to just play around with these sorts of stuff on your own time - one particularly useful way to do so, would be to set up a virtual machine then try to break it a watch it fall over. That's what I've done in the past and it's fun - just grab VirtualBox or VMWare Player (they are both free. I prefer VBox myself, for reference) and install any OS you want on it. Probably Linux, as it's easy to obtain in a million flavours, but Windows is also an option - I find that less fun, though. Installation is of minimum complexity - just click few buttons and done. Inside the VM you can do anything you want without fear of consequences - you can clone the machines and/or take snapshots of them then do whatever you wish and examine the results, afterwards, just restore to a good working state and repeat.

 

[akfg666]

If a crash is what you want, and and everything works on a single mashine, then why not just fork bomb it?

){ :|:& };:

I assume it's running a *NIX OS - so while crude, it'd be effective. Then again, it might not be as easy as that - your teacher may have at least some security on the mashine and fork bomb is a pretty basic thing anyway - if he did protect against it, you'd only harm yourself with a forkbomb[footnote]Actually, if I was at his place, I'd totally do that and laugh as students disqualify themselves through forbombing essentially themselves[/footnote]. There was something called...eh, something like "tips to piss of an Unix admin" or along those lines, which had dirty tricks to do in a *NIX environment - making infinitely big files, fork bombs, taking over the CPU and such.

However, I'd advise to NOT try any of them on any legitimate machine and I'd also actually advise NOT to do it for this assignment. While it certainly does seem like fun, it might be more trouble than its worth to find a vulnerability in the computer you'll be running on. Indeed, since your teacher mentioned it, I would assume it might not be that easy. And I mean no offence but if you decided to ask here how to exploit the machine, then I would assume your skills and knowledge may not be up to the task. Again, I am not trying to insult you - we are not born with all the knowledge, after all, learning takes time. Since you are interested, though, I would advise to just play around with these sorts of stuff on your own time - one particularly useful way to do so, would be to set up a virtual machine then try to break it a watch it fall over. That's what I've done in the past and it's fun - just grab VirtualBox or VMWare Player (they are both free. I prefer VBox myself, for reference) and install any OS you want on it. Probably Linux, as it's easy to obtain in a million flavours, but Windows is also an option - I find that less fun, though. Installation is of minimum complexity - just click few buttons and done. Inside the VM you can do anything you want without fear of consequences - you can clone the machines and/or take snapshots of them then do whatever you wish and examine the results, afterwards, just restore to a good working state and repeat.

Thank you for all the advice, much appreciated! I take no offence by your remarks, I'll admit that my aptitude in such matters is minimal to non-existent. I'll look into fork bombing and vmware and discuss it with my tutor in the mean time. Thanks again!