Create an account

Very important

  • To access the important data of the forums, you must be active in each forum and especially in the leaks and database leaks section, send data and after sending the data and activity, data and important content will be opened and visible for you.
  • You will only see chat messages from people who are at or below your level.
  • More than 500,000 database leaks and millions of account leaks are waiting for you, so access and view with more activity.
  • Many important data are inactive and inaccessible for you, so open them with activity. (This will be done automatically)

0Day Forums Hacking & Exploits Network Hacking [Theory] Anti-DDOS by ip recognition

Thread Rating:
  • 370 Vote(s) - 3.44 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Options
[Theory] Anti-DDOS by ip recognition

Offline outorganizes801589


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Sep 2022
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#31
05-27-2014, 03:36 AM
Quote:(05-27-2014, 05:07 AM)ICE_ Wrote:

[To see links please register here]

this is a horrible way of doing it. When a user connects to a web page he connects to the server first through an IP and a port (thats all a url is, a masked IP address on port 80, 443 or 8080). A trust system would work if you're trying to stop forum post bombs but not DoS or DDoS attacks and even then it would be inefficient.

Oh god this is old... But I think you misunderstand the DoS method I'm trying to protect against. While it's certainly possible to DoS by having an upload bandwidth larger than your target's download, that's not the purpose of this method. This would protect against attacks that attempted to hit limits on server resources. (think slowloris, or some chernobyl packet)
Reply

Offline Faizal207321


Luxury
*****
Luxury
Posts: 0
Threads: 0
Joined: Jan 2023
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#32
05-27-2014, 06:03 AM
What about regular users that use Tor, proxies, or a VPN? It's a pretty good idea, just needs some work.

I bet some kid makes a million of this idea tommorow.
Reply

Offline heall294


Luxury
*****
Luxury
Posts: 0
Threads: 0
Joined: Mar 2017
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#33
05-27-2014, 09:49 AM
Quote:(05-27-2014, 10:03 AM)Aurora Wrote:

[To see links please register here]

I bet some kid makes a million of this idea tommorow.

Someone who had to hire people to code it for him.
Reply

Offline enumerative726261


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Apr 2022
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#34
05-27-2014, 10:34 AM
Quote:(09-06-2013, 02:36 AM)w00t Wrote:

[To see links please register here]

What? I was simply saying that "SELECT x from y WHERE z LIKE a" is a really, really, slow search, and therefore uses lots of computation time. By sending enough requests that force you to do that with my IP, your SQL server wouldn't respond very fast, if at all.

Especially with large databases, it becomes simply impractical.
Reply

Offline noelyzgqtvmeexp


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Dec 2016
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#35
05-27-2014, 06:10 PM
Quote:(05-27-2014, 02:03 PM)antlers Wrote:

[To see links please register here]

Especially with large databases, it becomes simply impractical.

Quote:(09-08-2013, 11:47 PM)3SidedSquare Wrote:

[To see links please register here]

Consider the following:

1) Connection from client to server is established (unavoidable)
2)The server checks to see if it is in a "high traffic" time
3) The connection origin is checked against "trusted" ip's (I know I said database, but hey, it was an idea in it's infancy. It seems like it could work much faster if if ip's were stored in a tree in memory, since it's a white list and not a blacklist, it should fit for a while)
4) a - the ip is not trusted, and is dropped
b - the ip is trusted, and the server can take more time and resources to serve the request.

The only reason I mention the tree is because a database is not really needed. The ip's don't even have to be stored, just the "trust" levels in the correct position in the tree. Give me a sec and I'll write some pseudo code.

threshold is the threshold trust level for high-traffic times
conn is the connection object
head is a tree of trust levels, according to the ip address, with 10 children for every parent. (0-9)
isHighTraffic is a method that determines if the server is in a high traffic time, returns boolean
serveRequest is a method that serves the request, given a connection object.

Hidden Content
You must

[To see links please register here]

or

[To see links please register here]

to view this content.

I'm not going to ask everyone to read the entire thread through before posting, but please see post #29(page 3) of this thread.
Reply

Offline nongolfers259065


Member
*
Member
Posts: 0
Threads: 0
Joined: Aug 2017
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#36
05-27-2014, 07:44 PM
This sounds like my first version of ALBATROSS (

[To see links please register here]

) but its a little different. I guess if you're looking strictly at limits it would be useful but its not easy to make, i promise

edit: also, sorry for grave digging... I saw it and was interested
Reply

Offline departmentscivcpf


Valued member
***
Valued member
Posts: 0
Threads: 0
Joined: Jul 2021
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#37
05-27-2014, 07:53 PM
Quote:(05-27-2014, 11:33 PM)ICE_ Wrote:

[To see links please register here]

This sounds like my first version of ALBATROSS (

[To see links please register here]

) but its a little different. I guess if you're looking strictly at limits it would be useful but its not easy to make, i promise

edit: also, sorry for grave digging... I saw it and was interested

Hey, I remember you now, you were in Dark Net Assassins way back when...

Yeah, this is meant to save server resources, especially if a DoS is constructed to request pages that take a lot of work to serve.
Reply

Offline cruickshank804


Luxury
*****
Luxury
Posts: 0
Threads: 0
Joined: Jul 2020
Reputation: 0
Level: inf [Level]
Total Points: inf
Rank nan / 1
100% to upload Level
Rank
Activity inf / 1
99% to upload your Rank
Activity
Experience nan
100% to upload Experience
Experience

Points: 50
#38
05-27-2014, 08:30 PM
Quote:(05-27-2014, 11:45 PM)3SidedSquare Wrote:

[To see links please register here]

Hey, I remember you now, you were in Dark Net Assassins way back when...

Yeah, this is meant to save server resources, especially if a DoS is constructed to request pages that take a lot of work to serve.

Oh lord, darknet assassins. those were the days. Yea, in that case it's somewhat useful. Hard to write (trust me, i've done it) but useful
Reply

« Next Oldest
Next Newest »


Forum Jump:


Users browsing this thread:
1 Guest(s)

©0Day  2016 - 2023 | All Rights Reserved.  Made with    for the community. Connected through