Low Orbit Ion Cannon

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Low Orbit Ion Cannon
LoicNewEraCracker - from Commons.png
NewEraCracker LOIC GUI
Original author(s) Praetox Technologies
Written in C#
Operating system Windows, Linux, Mac OS X
Platform .NET, Mono
Size 131 KB
Available in English
Type Network testing
License Public domain
Website LOIC at SourceForge

Low Orbit Ion Cannon (LOIC) is an open source network stress testing and denial-of-service attack application, written in C#. LOIC was initially developed by Praetox Technologies, but was later released into the public domain,[1] and now is hosted on several open source platforms.[2][3]

The software has inspired the creation of an independent JavaScript version called JS LOIC, as well as LOIC-derived web version called Low Orbit Web Cannon. These enable a DoS from a web browser.[4]

Use[edit]

LOIC performs a denial-of-service (DoS) attack (or when used by multiple individuals, a DDoS attack) on a target site by flooding the server with TCP or UDP packets with the intention of disrupting the service of a particular host. People have used LOIC to join voluntary botnets.[5]

Countermeasures[edit]

Security experts quoted by the BBC indicated that well-written firewall rules can filter out most traffic from DDoS attacks by LOIC, thus preventing the attacks from being fully effective.[6] Specifically, it has been claimed that filtering out all UDP and ICMP traffic helps to address LOIC attacks in an efficient way.[7] However, the firewall rules need to be entered upstream, e.g. at the ISP of the site operator, where the backbone is converted to the server's broadband line. If the packets still have to travel through the server's limited line, then filtering the packets at the firewall level is not a valid deterrence, since the packets still have to travel to the firewall before the firewall can do anything to the packets, and the line between the server's ISP and the server's firewall will be clogged.[7]

LOIC attacks are easily identified in system logs, and the attack can be tracked down to the IP addresses used at the attack.[8]

Notable uses[edit]

Project Chanology and Operation Payback[edit]

LOIC was used by Anonymous during Project Chanology to attack websites from the Church of Scientology,[9] once more to (successfully) attack the Recording Industry Association of America's website in October 2010,[10] and again during Operation Payback in December 2010 to attack the websites of companies and organizations that opposed WikiLeaks.[11][12]

Operation Megaupload[edit]

Main articles: Operation Megaupload and Megaupload

In retaliation for the shut down of the file sharing service Megaupload and the arrest of four workers, Anonymous DDoSed the websites of UMG (the company responsible for the lawsuit against Megaupload), the United States Department of Justice, the United States Copyright Office, the Federal Bureau of Investigation, the MPAA, Warner Brothers Music and the RIAA, as well as the HADOPI, all on the afternoon of January 19, 2012, through LOIC.[13]

Origin of name[edit]

The LOIC application is named after the ion cannon, a fictional weapon from many sci-fi works, and in particular after its name sake from the Command & Conquer series of video games.[14]

Other implementations[edit]

Another implementation of LOIC named LOIC++[15] has been made to run natively on Linux. There is also an OS independent implementation written in Java named Java LOIC.[16]

References[edit]

  1. ^ "Praetox Techlologies". Archived from the original on Oct 8, 2010. 
  2. ^ "LOIC | Free Security & Utilities software downloads at". Sourceforge.net. Retrieved 2013-11-22. 
  3. ^ "NewEraCracker/LOIC · GitHub". Github.com. Retrieved 2013-11-22. 
  4. ^ Warren, Christina (December 9, 2010). "How Operation Payback Executes Its Attacks". Mashable. 
  5. ^ "Pro-Wikileaks activists abandon Amazon cyber attack". BBC News. 9 December 2010. 
  6. ^ "Anonymous Wikileaks supporters explain web attacks". BBC. 10 December 2010. Retrieved 11 December 2010. 
  7. ^ a b "The attacks on GRC.COM". GRC.com. 06-02-2001. Retrieved 2012-01-25. 
  8. ^ Nardi, Tom (March 3, 2012). "Low Orbit Ion Cannon: Exposed". The Powerbase. Retrieved March 4, 2012. 
  9. ^ Norton, Quinn (2012-01-01). "Anonymous 101 Part Deux: Morals Triumph Over Lulz". Wired.com. Retrieved 2013-11-22. 
  10. ^ Hachman, Mark (October 29, 2010). "'Anonymous' DDoS Attack Takes Down RIAA Site". PC Magazine. 
  11. ^ Moses, Asher (December 9, 2010). "The Aussie who blitzed Visa, MasterCard and PayPal with the Low Orbit Ion Cannon". The Age (Melbourne). 
  12. ^ "Anonymous Wikileaks supporters mull change in tactics". BBC News. December 10, 2010. 
  13. ^ "Anonymous Hackers Hit DOJ, FBI, Universal Music, MPAA And RIAA After MegaUpload Takedown". Forbes. Retrieved 2013-11-22. 
  14. ^ metatags generator (2012-09-27). "Low Orbit Ion Cannon". Web.archive.org. Retrieved 2013-11-22. 
  15. ^ https://github.com/b055/LOIC-- LOIC++
  16. ^ http://javaloic.sourceforge.net/ Java LOIC

External links[edit]