search

NewEraCracker / LOIC

Deprecated - Low Orbit Ion Cannon - An open source network stress tool, written in C#. Based on Praetox's LOIC project. USE ON YOUR OWN RISK. WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES. IF YOU GET V& IT IS YOUR FAULT.
https://github.com/NewEraCracker/LOIC/
Other
2.66k stars 650 forks source link

UNACCEPTABLE FLAW IN THE LOIC #30

Closed anon679 closed 13 years ago

anon679 commented 13 years ago

This IP sending issue is becoming more and more critical as the LOIC needs to simulate more vigorous and novel attacks on our servers.

Basically, the LOIC sends an IP address with every packet it sends, which is an UNACCEPTABLE way to test our servers against the new threats of tomorrow. In the future, hackers will use untraceable programs to DDOS servers, and we desperately need a way to simulate it, so we can understand the implications and possible solutions.

Now I'm not a network professional, but no hacker would or should ever send their own IP address with every packet. If it is to be used to simulate server DDOSes, it should only send the requests to the server, not anything else.

Currently, network testers like me are trying to patch up this fatal flaw by using VPNs like Hotspot Shield. However, there is risk of major collateral damage through this quick fix.

Please, find a fix for this burning problem. People are at stake. Some have been crushed, as the LOIC offers no security or privacy.

Also, could you please read up on a new network testing application, the High Orbit Ion Cannon? It seems to have things that the LOIC could learn from.

Full report here:

http://www.simpleweb.org/reports/loic-report.pdf

NewEraCracker commented 13 years ago

Closed.

Duplicate of: https://github.com/NewEraCracker/LOIC/issues#issue/26