We can't find the internet
Attempting to reconnect
Something went wrong!
Attempting to reconnect
Analysis Summary
Worth Noting
Positive elements
- This video effectively visualizes the difference between a standard ping and a flood attack, making the concept of network latency tangible for beginners.
Be Aware
Cautionary elements
- The 'revelation framing' (treating basic tools as forbidden knowledge) can create a false sense of expertise in viewers who are just beginning their IT journey.
Influence Dimensions
How are these scored?About this analysis
Knowing about these techniques makes them visible, not powerless. The ones that work best on you are the ones that match beliefs you already hold.
This analysis is a tool for your own thinking — what you do with it is up to you.
Transcript
So, I'm about to DOS attack myself. Now, please again don't attack anyone without permission. You can go to jail for this. Check this out. So, I've got my web server here. Works fine. I'm actually pinging it from another server as well. So, we can see how healthy it is. And we know it's healthy when we look at the time it takes to get there. When we're DOSing something or denial of servicing something, we basically have two goals. We want to overwhelm or confuse or both. Denial of service started out with just pinging a server just like this. And by the way, this is harmless. This is what actually we use to see if servers are up. But hackers want to take a good thing and make it a bad thing. Maybe if I send a bunch of stuff really fast, I can overwhelm that server. I can use a popular hacking tool called hping 3. The switch I'll use is -1. I'll do a d- flood. And then my target 10.7.150. And let's go. So now it's sending a ton of traffic right now. But what we'll notice, too, is that if I look back at my ping on my server, the time really hasn't changed much. But why? It's just not enough traffic to overwhelm my server. He's got plenty of bandwidth and he can handle all those ping requests. So something like that, an attack like that really isn't effective. Now, what if instead of one computer I'm using to attack it, what if I use another? What if I start sending pings from there and from here and from here? What if I keep adding them? Let's try that. Okay, we're actually seeing something happen. Now, this is significant. Watch this. We've gone from sub millisecond to at times 19 milliseconds, which is huge on a local LAN. This is what we call a distributed denial of service attack or a DDoS attack because we're using multiple computers to attack our target. Now, this attack is called a ping flood or a ICMP flood. And again, it just takes advantage of a a protocol and a tool that we all use, all IT people use to make sure things are up, but we use it to take it down, which is kind of cool. Now, the problem with this attack is that it's pretty easy to defeat. All you got to do is turn off ICMP on your server, turn off ping, can't attack him anymore. It's done. How lame.
Video description
https://www.youtube.com/watch?v=eZYtnzODpW4