Jump to content

how do ip booting webites work?

xtdycxtfuv
By xtdycxtfuv
in Networking
 Share
Posted

hello everyone im kinda new to all this intenet stuff and i think im just starting to get to grips with it, so i was wondering how ip booting works: is it where the router cant handle the ammount of requests being sent to it and if that is the case, why does that happen? if you have a static ip from your isp, what happens if someone ddos you? do you stay offline until the person sending the requests decides so, do you need to contact your isp and get them to change it?

 

and two more quests. if it is illegal to do this stuff, then how do websites like https://www.stressthem.to exist? is it like a legal loophole? and is there anyway of preventing this?

 

one of the reasons im asking this is becuase im trying to set up my own website and host it myself, and i dont really wanna get hacked. thank you for reading : ] 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
4 minutes ago, xtdycxtfuv said:

i was wondering how ip booting works: is it where the router cant handle the ammount of requests being sent to it and if that is the case, why does that happen?

The idea is to cause so much traffic that either your router(s) can't handle it, or your bandwidth isn't enough to handle it. If you e.g. only have a subscription for, say, 50Mbps down and there's more traffic than that aimed at you, then obviously all your bandwidth will be spent on that junk-traffic.

 

7 minutes ago, xtdycxtfuv said:

if you have a static ip from your isp, what happens if someone ddos you? do you stay offline until the person sending the requests decides so, do you need to contact your isp and get them to change it?

Depends entirely on your ISP. Some ISPs do have equipment to deal with a DDoS, so they'll just filter it out, and some will just tell you to sit and wait.

 

9 minutes ago, xtdycxtfuv said:

and two more quests. if it is illegal to do this stuff, then how do websites like https://www.stressthem.to exist? is it like a legal loophole? and is there anyway of preventing this?

Many such websites are taken down eventually, but the people behind them often slip away and just whip up a new one. Also, stress-testing your own network isn't illegal, and neither is stress-testing your employer's network if you're in charge of such operations, so that's one loophole these services rely on.

 

As for being able to prevent stuff like this? There are really only two options: 1) sign up for a business-account with your ISP and buy a shitton of bandwidth and then invest in high-end networking-equipment capable of handling a small DDoS-attack 2) sign up for Cloudflare or similar services who offer DDoS-protection.

 

15 minutes ago, xtdycxtfuv said:

and i dont really wanna get hacked

Getting hacked and getting DDoSed are two entirely different things.

Hand, n. A singular instrument worn at the end of the human arm and commonly thrust into somebody’s pocket.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
14 minutes ago, xtdycxtfuv said:

hello everyone im kinda new to all this intenet stuff and i think im just starting to get to grips with it, so i was wondering how ip booting works: is it where the router cant handle the ammount of requests being sent to it and if that is the case, why does that happen? if you have a static ip from your isp, what happens if someone ddos you? do you stay offline until the person sending the requests decides so, do you need to contact your isp and get them to change it?

 

and two more quests. if it is illegal to do this stuff, then how do websites like https://www.stressthem.to exist? is it like a legal loophole? and is there anyway of preventing this?

 

one of the reasons im asking this is becuase im trying to set up my own website and host it myself, and i dont really wanna get hacked. thank you for reading : ] 

Stressing Your own servers and websites is completly ok, (though whoever your host is might not be happy)
Stressing and trying to pull a DOS attack on someone's stuff is Completly illegal and you will face the law. 
if you want to prevent hacking (not the same as a DOS attack), use good passwords and never share them. and encrypt your data & backups (HAVE BACKUPS)

I suggest you use https://www.cloudflare.com/en-ca/ 

~New~  BoomBerryPi project !  ~New~


new build log : http://linustechtips.com/main/topic/533392-build-log-the-scrap-simulator-x/?p=7078757 (5 screen flight sim for 620$ CAD)LTT Web Challenge is back ! go here  :  http://linustechtips.com/main/topic/448184-ltt-web-challenge-3-v21/#entry601004

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
16 minutes ago, xtdycxtfuv said:

 if you have a static ip from your isp, what happens if someone ddos you? do you stay offline until the person sending the requests decides so, do you need to contact your isp and get them to change it?

Your network won't be able to handle legitimate requests in time because it's too busy to handle other requests. All the other person sees on the other end is the server timed out.

 

Changing the IP address does nothing if you're using a hostname rather than an IP address to access the server. If your website is accessed via www.myhomepage.com, the DNS servers will simply resolve it to whatever IP address you set up.

16 minutes ago, xtdycxtfuv said:

and two more quests. if it is illegal to do this stuff, then how do websites like https://www.stressthem.to exist? is it like a legal loophole? and is there anyway of preventing this?

The intent of the attack constitutes whether or not it's legal. If you're using it to stress test your own website, then it's perfectly fine.

16 minutes ago, xtdycxtfuv said:

one of the reasons im asking this is becuase im trying to set up my own website and host it myself, and i dont really wanna get hacked. thank you for reading : ] 

As mentioned, getting DDOSed is different from getting hacked. If you really don't want to worry about being DDOSed, then use some service provider that offers DDOS mitigation like CloudFlare.

I have a blogAnd a list of guides I've posted

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
5 minutes ago, Mira Yurizaki said:

 

Changing the IP address does nothing if you're using a hostname rather than an IP address to access the server. If your website is accessed via www.myhomepage.com, the DNS servers will simply resolve it to whatever IP address you set up.

okay two things: is a hostname a domain name assigned to an ip? and what if instead of a dns i use a ddns? 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
1 minute ago, xtdycxtfuv said:

okay two things: is a hostname a domain name assigned to an ip? and what if instead of a dns i use a ddns? 

It doesn't really matter. The point of DNS is to resolve hostnames to an IP. As long as you want whatever hostname you use to point to your server, attackers simply have to attack using the hostname.

I have a blogAnd a list of guides I've posted

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
6 minutes ago, Mira Yurizaki said:

It doesn't really matter. The point of DNS is to resolve hostnames to an IP. As long as you want whatever hostname you use to point to your server, attackers simply have to attack using the hostname

ah so basically, i have no real control over if i get attacked or not. well thats cleared up my doubts, thanks!

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Networking

×