What would it take to bring a website down that gets 3000 http:// requests a day?

Why don't you just directly ask the question?

Sorry I guess thats to broad of a question. Out of curiosity how many different ways can you bring down a web site?

Let's just be direct here.
1. What website.
2. Why

No specific web site or motive... just curiosity

just sign saying you read the rules at the start
and either find an exploit
or DoS it

j...
You obviously have a site in mind, do not lie to me..
I will destroy you.
a website down that gets 3000 http:// requests a day?
Tell me the website, and I will help you take it down.
Think of it as an apprenticeship/tutorial.

dont listen to phoenix he cant take it down lol

Can't take down what?
Exactly

I picked out a small school homepage... The bandwith sucks... Anyways i thought this would be a easy first pick. http://cw.noacsc.org

just DoS it

i only have 1 machine lol not a botnet...

Your so smart..

is there another way of DoS other than just flooding them with http:// requests? using only one machine?

DoS is one machine...
and if you cant figure it out on your own then no

Yeh, how can we DoS a website, cos that would be sick as. Can we have a tutorial please?

all it is
is just flooding a site till it crashes
if you cant figure it out then you shouldnt be messing with it

Most dos/ddos attacks really dont crash the site. example: a sync attack just over loads apache where it cant keep up with all the request, the server is still up but apache cant respond. google that its a pretty simple attack :D .

ya he just wouldnt be able to do anything else lol

he's the douchebag that is slowing down the forum

who is? .

It's not vulnerable to xss

It's not vulnerable to xss

i hope you are not saying you need a XSS sploit to DoS attack

Ha, no not in the least, I'm just saying xss won't work. And the dasl link that needs verification, I can't get brutus to go after it because it's https, which is a bitch to find the ip address, they own the ip addresses from 64.114.1.0 to 64.114.1.255 I believe. And the https is on one of them. I don't have an ip range scanner on my computer though. Also, xss for DoS? Maybe.... write a script that asks the own site to ping itself endlessly? Wouldn't that double bandwith taken up? Either way, if you find an xss hole, you can do a whole lot worse than DoS'ing it. In windows, DoS is ping blahblahblah.com -1 65000 -t right? Or were you thinking about something else...

haha ya i was thinking just the basic packet flood
that is all that guy would be able to understand anyway
and it would work for a site that small

Actually, probably not. That whole site is hosted. Which means they probably have a server computer, which is just meant to be able to handle the bandwith pretty much. So unless you have around 3 computers, and a pretty decent internet connection, you probably won't be able to do it.

you could drop a small site that gets 3000 hits a day as long as it is hosted on a small network
you couldnt take out something hosted by go daddy or the likes

I'm not sure how schools host their shit... I'm too lazy to do a look up.

I doubt yout going to take down any site hosted in a DC. Most of them are connected via 100mbs ports. some share this but still thats a lot of bandwidth to say a home connection of 12mbs. A dos attack your dont going after bandwidth so much as you want to load the server down with processes. Im sure a school host there sites remote in a DC also. Ive hosted some city gov. sites so i would say schools do the same.

ya my teacher said all of the school sites for our region are hosted on a large server so you wouldnt be able to DoS it

just find out the server information, what kind of operating system it uses etc.
after that you simply try to find a working perl script or make your own? problem solved. 8)

ya my teacher said all of the school sites for our region are hosted on a large server so you wouldnt be able to DoS it

and thats obviously a load of crap.
ANY server can be DoS'd.
it totally depends if you're regulary dosing it or if you're using a PERL script specificly designed for the servers setups. hard to find? as hell, on the other hand if you can make you're own it'll be alot more easy.
however, saying that someone "wont" be able to DoS it is a load of crap.
sure it'll probably take some time to actually bring the server down but it aint impossible =).
and if DoS aint working properly , well simply deface their server?
or try finding a security hole in the server, bugg searching is a bitch though so my choice would be.
getting server info > find an premade script/exploit for the specific server > exploit it and make em cry .

pending who is serving(backbone) the site.

http://www.cert.org/advisories/CA-1996-21.html
http://www.cert.org/advisories/CA-1996-01.html
http://www.fbi.gov/contactus.htm <<<<<<<<<<<<but be careful they just took down some dos attackers using a botnet

and thats obviously a load of crap.
ANY server can be DoS'd.
it totally depends if you're regulary dosing it or if you're using a PERL script specificly designed for the servers setups. hard to find? as hell, on the other hand if you can make you're own it'll be alot more easy.
however, saying that someone "wont" be able to DoS it is a load of crap.
sure it'll probably take some time to actually bring the server down but it aint impossible =).
and if DoS aint working properly , well simply deface their server?
or try finding a security hole in the server, bugg searching is a bitch though so my choice would be.
getting server info > find an premade script/exploit for the specific server > exploit it and make em cry .


no you can NOT DoS (denial of service) it
you could DDoS (distributed denial of service) it
and what difference would it make if you performed a DoS attack with perl???
and it is not a load of crap
you are a complete and total idiot
please leave
you skiddie
"getting server info > find an premade script/exploit for the specific server > exploit it and make em cry "

My advice get the Goolag scanner from the cult of the dead cow website ,it simplifies the process of using Google to scan vulnerabilities on web servers

redfordu.k12.mi.us

take it down, you are a god

I think i joined the wrong forum, nothing but bitches and queers in here.

your kidding right? you necro'd to say that

Wow, frugal, that was a nice post there. Glad to see you are contributing to the site by being constructive. Oh, wait, no you weren't. You were being a hypocrite. You call us bitches and queers, but you yourself a probably just some little bitch...does saying things like this over the internet make you feel special? Help your ego some? Get a fuckin' life man....

I'm not sure how schools host their shit... I'm too lazy to do a look up.

my school hosts its server in a funny way, but it may help to know, the server is up as long as 1 computer is up, the server is hosted not by 1 but by all, but not 1 is needed, its really easy to crash :P

How do you access most 'shit' websites CPs?

I posted this in what.. .october? Thanks for the replys I clearly don't have the knowledge to do this even now lol.

yeah well. Its fairly easy to take down a site. The easiest being distributed denial of service. Obviously you would only know point and click so the easiest application, i would suggest is: http://www.fileden.com/getfile.php?file_path=www.fileden.com/files/2009/1/26/2285390/Http%20Flooder.zip

or

http://etapub.webs.com/apps/links/

HTTP Flooder Pro, DDOS stress testing tool. Set it to either 300 and 500 sockets. And then blow the crap out of your router. Then your ISP either shut it off, call you or come to your house and shoot you.

Go somewhere safe, get on an open wifi network, then use it. About 30+% people ACTUALLY report internet abuse, so theres a 70% chance you might not get caught. I may be wrong. ;)

Go somewhere safe, get on an open wifi network, then use it. About 30+% people ACTUALLY report internet abuse, so theres a 70% chance you might not get caught. I may be wrong.

Wise words from a man who got caught.

Anyways, there's a much better way to take out an HTTP service than by flooding it with packets. It uses HTTP pipelining to overload the server's multithreading with a few hundred HTTP requests.

Is that sarcasm I here from ishkur?

Just to answer this question...

I'm not sure how schools host their shit... I'm too lazy to do a look up.

It depends on the school, but if your school has a computer room filled with servers then they likely host it themselves. Look for sealed rooms with tinted glass windows or follow the computer networking teacher around until he or she enters an unmarked room. Server rooms are usually fire proofed using vacuum technology.

This means that in the air will all be sucked out of the room in the event of fire. The whole room seals and anything inside would likely die. Not very smart for human life, but profitable for the school in the event of disaster. The information on the servers, combined with the cost of the servers is worth more the corporate pigs than human life. Water and chemical extinguishers will destroy equipment in a room so therefore you see them using the vacuum.

You could do a lot more damage to a school but simply throwing fire into a server closet than a hack ever could.

Sorry I guess thats to broad of a question. Out of curiosity how many different ways can you bring down a web site?

i host my own web sites on my own servers as if am gonna tell you boys how to pop the box and deface my web pages

i host my own web sites on my own servers as if am gonna tell you boys how to pop the box and deface my web pages

You're retarded. Fuck yourself. There are a multitude of ways to hack a website. Try going to torrentz.com and downloading the cracked version of acunetix web vulnerability scanner, then scan the site, it almost always finds vulnerabilities.

whoever pulled that off it was fucking funny no 1 likes a smart ass that was clever