Distributed Denial of Service, also commonly abbreviated to DDoS, is a cyber attack made infamous by movies and the internet. Simply put, it is a situation where any sort of service is being denied to you. But in this particular video, we will take a deeper look into DDoS, and I will try and explain how such an attack works, along with its various types.
Hi guys, my name is Arya, and I welcome you all to this video about DDoS Explained. Now, before we begin, let's just go over the agenda of today's video. So today, we will first see what exactly is a DDoS attack and also a DOS attack. We'll also go over how it works and the types of DDoS attacks. In the end, I'll show you a neat little demonstration on how you could perform your own DOS attack in your neighborhood.
Okay, so let's begin. Firstly, let's go over what DOS and DDoS mean. Now to understand a DDoS attack, it is essential to understand the fundamentals of a DOS attack.
DOS simply stands for denial of service. This service could be of any kind. For example, imagine your mother confiscates your cell phone when you are preparing for your exams to help you study without any sort of distraction.
While the intentions of your mother are truly out of care and concern, you are being denied the service of calling and any other service offered by your cell phone. Now with respect to a computer and computer networks, a denial of service could be in the form of hijacking web servers, overloading ports with requests, rendering them unusable, denying wireless authentication, and denying any sort of service that is provided on the internet. Attacks of such intent can be performed from a single machine.
While single machine attacks are much easier to execute and monitor, they are also easy to detect and mitigate. To solve this issue, the attack could be executed from multiple devices spread across a wide area. Not only does this make it difficult to stop the attack, but it also becomes near impossible to point out the main culprit. Such attacks are called distributed denial of service or DDoS attacks. Now, let's see how they work. The main idea of a DDoS attack, as explained, is making a certain service unavailable. Since everything that is attacked is in reality running on a machine, the service can be made unavailable if the performance of the machine can be brought down. This is the fundamental behind DOS and DDoS attacks.
Now some DOS attacks are executed by flooding servers with connection requests until the server is overloaded and is deemed useless. Others are executed by sending unfragmented packets to a server which they are unable to handle. These methods when executed by a botnet exponentially increase the amount of damage that they are doing and their difficulty to mitigate increases in leaps and bounds.
To understand more about how these attacks work, let us look at the different types of attacks. Now, while there are plenty of ways to perform a DDoS attack, I'll be listing down the more famous ones.
These methodologies have become famous due to their success rate and the damage they have caused over time. It is important to note that with the advancement in technology, the more creative minds have devised more devious ways to perform DOS attacks. Now, the first type of methodology that we're going to discuss is called ping of death. Now, according to the TCP/IP protocol, the maximum size of a packet can be 65,535 bytes.
The ping of death attack exploits this particular fact. In this type of attack, the attacker sends packets that are more than the max packet size when the packet fragments are added up. Computers generally do not know what to do with such packets and end up freezing or sometimes crashing entirely.
Then we come to reflected attacks. This particular attack is more often than not used with the help of a botnet. The attacker sends a host of innocent computers a connection request using a botnet, which are also called reflectors. Now this connection that comes from the botnet looks like it comes from the victim, and this is done by spoofing the source part in the packet header.
This makes the host of computers send an acknowledgement to the victim computer. Since there are multiple such requests from the different computers to the same machine, this overloads the computer and crashes it.
This type of attack is also known as a smurf attack. Another type of attack is called mail bomb. Now mail bomb attacks generally attack email servers.
In this type of attack, instead of packets, oversized emails filled with random garbage values are sent to the target's email server. This generally crashes the email server due to a sudden spike in load and renders them useless until fixed. Last but not the least, we have the teardrop attack. So in this type of attack, the fragmentation offset field of a packet is abused.
One of the fields in an IP header is a fragment offset field, indicating the starting position or offset of the data contained in a fragmented packet relative to the data in the original packet. If the sum of the offset and the size of one fragmented packet differs from that of the next fragmented packet, the packets overlap. Now when this happens a server vulnerable to teardrop attacks is unable to reassemble the packets resulting in a denial of service condition. Okay, so that was all the theoretical portion of this video.
Now it's time to actually perform our very own DDoS attack. Okay, so now that we finished the theoretical part of how DDoS actually works and what it actually is, with its different types, let me just give you guys a quick demonstration on how you could apply a denial of service attack on a wireless network anywhere around you. Like this could be somewhere like Starbucks where you're sitting, or this could be a library also, or your college institution. No matter where you're sitting, this procedure will work. So the first thing we want to do is actually open up a terminal because we will be doing most of our work on a command line basis.
Now for this particular demonstration, we will be actually using two tools. First is Aircrack-ng, which is a suite of tools, which contains aircrack-ng, airmon-ng, aireplay-ng, and airodump-ng. So these are the four tools that come along with it. And the second one that we'll be using is called macchanger. Okay, so let me just put my terminal on maximum so you guys can see what I'm actually writing out.
So first thing we want to do is actually log in as a root. So let me just do that quickly. We need to log in as root because most of the stuff that we're going to do right now will need administrator access.
Now, the first thing we want to do is check out our wireless network card's name. And we can do that easily by typing ifconfig. Now, you can see that my wireless card is called WL01, and we get the MAC address and we also get the IPv6 address. So that's my wireless network card and we'll be actually setting that up in monitor mode.
Now before we actually go into and start up our network card in monitor mode, let me just show you how you can install the two tools that I just spoke about. That is Aircrack-ng and macchanger. So to install Aircrack-ng, you can just go apt-get install aircrack-ng. Hit enter, and this should do it for you.
I already have it installed, so it's not going to do much. To install macchanger, you could just go the same command, that is apt-get install macchanger, and you can check if both the tools have been installed properly by opening the manual pages by typing man aircrack-ng, and this will open up the manual page for you. And let's also do the same for macchanger.
So what we're going to do first is set up our network interface card into monitor mode. So to do that, all we have to do is type ifconfig and we need to put our network interface card down. So we go WL01 down and with the command ifconfig, we go mode monitor. Don't forget to specify the interface that you're working on. So ifconfig WL01 mode monitor.
And all you have to do now is put it back up. So what we are going to type is ifconfig WL01 up. You can check the mode. It'll say managed if it's in monitoring mode. So as you guys can see, it says mode managed.
So that's how we're going to go ahead. So you can check that just for your own purposes. So we can also check for only WL01 by specifying the interface.
Or you could also check the mode only by passing it through a pipe function, and that is using grep mode. So iwconfig, WL01, grep, and mode. Well, mode begins with a capital M, so that's how you would probably return it.
So as you guys can see, that has returned the mode for us, along with the access point and the frequency. Okay, so that was a little fun trivia on how you could fetch the mode from a certain command like iwconfig by passing it through a pipe and grabbing it with mode.
Grep basically means grab. Okay, so now moving on, we will get to the more important stuff now. So firstly, we need to check for some sub-processes that might still be running and that might actually interfere with our scanning process. So to do that, what we do is airmon-ng check and then the name of the interface. Now as you guys can see, I have the network manager that is running out here, and we need to kill that first, and that can be easily done by going kill with the PID.
After that you can run a general command called airmon-ng check and kill, so whatever it finds it will kill it accordingly, and when it produces no results like this, that means you're ready to go as there are no sub-processes running that might actually interfere with our scan. Now what we want to do is we want to run a dump scan on the network interface card and check out all the possible access points that are available to us. So as you guys can see, this produces a bunch of access points and they come with their BSS IDs.
They also have the power, which is the PWR. That is the power of the signal. And let me go down back again. So yeah, you can see the beacons, you can see the data, you can see the channels available and what the BSS ID is.
It's the MAC ID that is actually tied in with the ESS ID, which basically represents the name of the router. Now what we want to do from here is we want to choose which router we want to actually DOS. Now the whole process of DOSing is actually we will continuously deauthenticate all the devices that are connected to it.
So for now I have chosen Edureka Wi-Fi to actually DOS out. And once I send a deauthentication broadcast it will actually deauthenticate all the devices that are connected to it. Now this deauthentication is done with a tool called aireplay, which is a part of the Aircrack-ng suite of tools. Now let us just see how we can use aireplay by opening up the help command.
So we go dash dash help and this opens up the help command for us. Now as you guys can see it shows us that we can send a deauthentication message by typing in the hyphen zero. And then we need to type in the count.
So what we are going to do is type in hyphen zero which will send a deauthentication message. And now we can type one or zero. So one will send only one deauthentication message. While zero will continuously loop it and send a bunch of deauthentication messages.
We are going to say zero because we want to be sure that we are deauthenticating everybody. And we can also generally specify the person we also want to specifically deauthenticate. But for this demonstration, I'm just going to try and deauthenticate everybody that is there.
So what we are going to do is we are going to copy down the MAC address or the BSS ID, as you would know it. And then we are going to run deauthentication message. Now, as you guys can see, our deauthentication message is beginning to hunt on channel nine.
Now, as you guys know, and as I already know, that our BSS ID or MAC address is working on channel six. Now, we can easily change the channel that our interface is working on by just going iwconfig wl1 and then channel and then specifying the channel. As you guys can see, our chosen router is working on channel six, so that's exactly what we're gonna do.
Now, as you guys can see, it immediately starts sending the deauthentication codes to the specified router and this will actually make any device that is connected to that router almost unusable. You might see that you are still connected to the Wi-Fi but try browsing the internet with them.
You will never be able to actually reach any site as I'm constantly de-authenticating your service. You will need that four-way handshake all the time and even if it completes you are suddenly de-authenticated again because I'm running this thing on a loop. Now you can let this command run for a few moments, or how much of a time you want to DDoS that guy for. Well, this is not exactly a DDoS because you're doing it from one single machine, but you can also optimize this code to actually look like it's running from several different machines.
So let me just show you how to do that. We're gonna write a script file to actually optimize our code a lot. So this script file will actually automate most of the things that we just did and also optimize a little by changing our MAC address every single time. So we become hard to actually point out.
So the first thing that we wanna do is, we want to put our wireless network card down. And maybe that's not the first thing that I want to do. Just give me a moment to think about this. I haven't actually thought this through.
And I'm doing this on the fly. Okay, so the first thing that we're going to do is we're going to start a while loop that is going to continuously run until we actually externally stop it. So we go while true.
And then we're going to say do. And the first thing that we want to do is send out a deauthentication message.
And we are going to send around 10 deauthentication messages, and we want to run it on a specific BSS ID. So that is the BSS ID that I had copied. So let me just put in that. And then we just put in the interface that it's supposed to work on.
Now, what we want to do after that is we want to change the MAC address after we have sent all these 10 packets. So what we will need to do is put down our wireless network. And as already discussed, we can do that with ifconfig wl1 down.
And now what we want to do is change our MAC address. So we can do that with the simple tool that we had installed and saying macchanger -r. So let me just open up a quick tab and show you guys how macchanger actually works.
Now you can already check out my other video called the Ethical Hacking Course, which actually covers a lot of topics and macchanger is just one of them. And you can check how to use it in depth in that video. But for now, let me just give you a brief introduction how macchanger works.
The macchanger will basically give you a new MAC address every time. Let me just open up the help menu for you guys. So as you guys can see, these are the options that are available to us. We can get a random MAC address.
We can also tell it to show our MAC address. And we also have to specify the interface when we want to show us the MAC address. Now let me just generate a new MAC address. So you see out here that interface up or insufficient permissions is being shown.
So this means we always have to put down our interface first. So let me just do that quickly. ifconfig wl01 down, and now what we want to do is give ourselves a new MAC address and boom roasted.
We already have a new MAC address as you guys can see from the new MAC part. Now, if we put back our network interface card and then try and show our MAC address again, we see that our current MAC and our permanent MAC are two completely different MAC addresses. And our current MAC and the new MAC are identical.
So this is how you can actually generate new MAC addresses to spoof your own identity on the while. And that is very useful in this case because the person you're attacking will be so confused as to what to do, because your MAC address is changing every time and there's no real solution to the situation that you're creating for them. At least I don't know of any solution. If you do know how to stop this for yourself, please leave it down in the comment section below and help the world a little bit.
Now we want to also get to know what our MAC address is every time. So let me just pipe my function through the whole thing and let me just try and grab the new MAC address. So macchanger -r wl1 and grep MAC.
And then we want to put our network card in the monitor mode. And then we also want to put up our network interface card. Now, what we want to do out here is optimize it. So we can't be attacking constantly.
So let us put a sleep timer. So this will make our program sleep for a particular amount of time. I'm going to make it sleep for five seconds.
So after every five seconds, it's going to send that particular BSS ID ten deauthentication messages. Then it's going to bring down my interface card. It's gonna change my MAC address. It's gonna put back the interface card into monitor mode and sleep for five seconds and then repeat the entire process. And to end the script, let's just say done.
So that will denote when the loop is done. Now let me just save it, Control-O, Control-X to exit. And there we go. Okay, so first of all, to actually run this, we need to give it some more permissions.
So as you guys can see, we already have it. Let me just put it in a much more readable format. Okay, so as you guys can see, our dos.sh doesn't really have executability. So we can do that with command chmod.
So I'm going to give it some executable permissions. So chmod plus x and then the name of the file. So this will actually change our dos.sh into an executable bash script.
Okay, so it seems that we have done some error. So let's just go back into our bash script and check for the error that we have probably done. So nano dos.sh. Ah, okay, so the thing that I am missing is that I forgot the hyphen a that I'm supposed to put before putting the BSS ID in the aireplay-ng part of the code. So let me just go ahead and quickly do that. Okay, so now that that is done, let me just save it and quickly exit and see if this thing is working. Okay, so now we are trying to work out our script.
Now, you guys should know that this Edureka Wi-Fi is my company's Wi-Fi, and I have complete permission to go ahead and do this to them. Also, my company's Wi-Fi is kind of secure, so every time it senses that a deauthentication message is being sent like that, it kind of changes the channel that it is working on. So these guys are really smart, smarter than me most of the time.
And this time I'm just gonna try and force them to work on channel six. So let me just go ahead and run my script once. Okay, so let me just check that they're still working on channel six.
Yep, they're still working on channel six. Let me just check my script once if it's correctly done, if I have the perfect Mac ID. Let me just copy in the Mac ID just to be sure once again.
So there you go, we've copied it. Let's go into the script and let's paste it out. Okay, so now that that is done, and we have Mac IDs and everything set up properly.
Let me just show you how to run the script. So you go dot and backward slash, and then you say dos.sh. Now you see that our thing is working on channel eight. So this will definitely not work and say that BSS ID is not there. So what we need to do, as I had showed to you guys earlier, we can go iwconfig wl1 and change the channel to channel six.
Oops, I changed it to channel eight again. This will not work. I'm sorry. That was my bad.
So now that we have changed it to channel six, you can see that it is sending everything immediately. Okay, so that is actually running our script very well. And as you guys can see, the security measures that are taken by my company, it will not always work on channel six.
It'll keep rotating now until it finds a safe channel. So it really can't find a safe channel. I will always be dosing on channel six and it will run sometimes and it won't run sometimes, but mostly with on secure wifi that is running at your home mostly, this will work 100% times.
So let me just stop this because my company will go mad on me if I just keep on DOSing them. So this brings us to the end of our demonstration. This is how you can always DOS your neighbors if they're annoying you. But remember, if you're caught, you could be prosecuted.
So this was about how DDoS works, what DDoS actually is and the different types and how you can do one on your own with your own system. Okay, so that's it for me for today. I'll meet you guys in the next tutorial video. Goodbye. I hope you have enjoyed listening to this video.
Please be kind enough to like it and you can comment any of your doubts and queries and we will reply to them at the earliest. Do look out for more videos in our playlist, and subscribe to Edureka channel to learn more. Happy learning!
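Added example, not part of the original video: the ping of death and teardrop descriptions in the transcript both come down to arithmetic on each fragment's offset and length, which a receiver can validate before reassembling anything. The `Fragment` class, `check_fragments` function and all sample values are constructed for illustration, and the 20-byte IP header length is an assumption.

```python
from dataclasses import dataclass

MAX_IP_DATAGRAM = 65535  # largest total length of an IPv4 datagram, in bytes


@dataclass(frozen=True)
class Fragment:
    """One IPv4 fragment, reduced to the fields that matter for reassembly."""
    offset_units: int     # fragment offset field, counted in 8-byte units
    payload_len: int      # bytes of data carried by this fragment
    more_fragments: bool  # MF flag: set on every fragment except the last

    @property
    def start(self) -> int:
        return self.offset_units * 8

    @property
    def end(self) -> int:
        return self.start + self.payload_len


def check_fragments(frags, header_len=20):
    """Validate the fragments of one datagram before reassembly.

    Returns a list of (kind, byte_offset) findings; an empty list means the
    fragments tile the datagram exactly and fit within the size limit.
    header_len=20 assumes an IP header without options.
    """
    findings = []
    expected = 0  # byte position where the next fragment should begin
    for f in sorted(frags, key=lambda x: x.start):
        if f.start < expected:
            # Starts inside data already covered: the teardrop condition
            findings.append(("overlap", f.start))
        elif f.start > expected:
            # A hole in the datagram: incomplete, must not be reassembled yet
            findings.append(("gap", f.start))
        if header_len + f.end > MAX_IP_DATAGRAM:
            # Reassembled size would pass 65,535 bytes: the ping of death condition
            findings.append(("oversize", f.start))
        expected = max(expected, f.end)
    return findings


# Constructed sample: three fragments that tile a 3000-byte payload cleanly
CLEAN = [Fragment(0, 1480, True), Fragment(185, 1480, True), Fragment(370, 40, False)]

# Constructed sample: second fragment starts at byte 24, inside the first (0..40)
TEARDROP = [Fragment(0, 40, True), Fragment(3, 8, False)]

# Constructed sample: 44 full fragments, then a last one that ends at byte 66120
PING_OF_DEATH = [Fragment(i * 185, 1480, True) for i in range(44)]
PING_OF_DEATH.append(Fragment(44 * 185, 1000, False))

if __name__ == "__main__":
    for name, sample in [("clean", CLEAN), ("teardrop", TEARDROP),
                         ("ping of death", PING_OF_DEATH)]:
        print(f"{name}: {check_fragments(sample) or 'ok'}")
```

A reassembler that drops the whole datagram on any `overlap` or `oversize` finding never reaches the state that the vulnerable systems described in the transcript end up in.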