LOic DDoS - Tango Down!
by Sue Basko
by Sue Basko
LOic DDoS is "Low Orbit ion cannon Distributed Denial of Service." It's a fancy way of saying you're attacking a website to knock it off the internet for a few minutes.
LOic DDos is pronounced: low ike dee' doss.
LOic stands for "low orbit ion cannon." DDoS stands for "distributed denial of service."
LOic stands for "low orbit ion cannon." DDoS stands for "distributed denial of service."
Some people call LOic "Lazers" or "Lazors." They might say, "Fire up the lazors."
When the website goes down, it is "Tango Down!"
LOic is named for a weapon, called an ion cannon, in a video game.
A LOic is a computer program that attacks a website to knock it temporarily offline. When a LOic is aimed at a website, this can cause a DoS, a "denial of service." "Denial of Service" means that people who are trying to see and use the website cannot do so.
The LOic sends info packets at the computer that is being attacked. If a group of people are aiming a LOic at the same website at the same time, this is a LOic DDoS, or low orbit ion cannon distributed denial of service. Since the DoS is being caused by info packets coming from multiple computers at the same time, it is called a Distributed Denial of Service, or DDoS. It is just a bunch of people at the same time aiming their lazor cannons at the same thing at the same time.
The LOic sends info packets at the computer that is being attacked. If a group of people are aiming a LOic at the same website at the same time, this is a LOic DDoS, or low orbit ion cannon distributed denial of service. Since the DoS is being caused by info packets coming from multiple computers at the same time, it is called a Distributed Denial of Service, or DDoS. It is just a bunch of people at the same time aiming their lazor cannons at the same thing at the same time.
A DDoS works the same way as if many people, all at the same time, clicked on the URL to see the website. Each website can only serve a certain number of new viewers at the same time. Depending on what kind of web service the site has, that number can be from a few hundred to a few thousand. That's why it is easier to Tango Down a website running off a weak, cheap server than to knock down a more expensively run site.
Some people have fun sitting around shooting down cheesy sites. Other people plan a DDoS as a protest against something they think is wrong in the government or in society. Other people do a DDoS to get revenge or to bother someone they do not like.
Some people have fun sitting around shooting down cheesy sites. Other people plan a DDoS as a protest against something they think is wrong in the government or in society. Other people do a DDoS to get revenge or to bother someone they do not like.
LOic programs are available for free on the internet. There are also websites that run LOic attacks. Some charge a fee and do the LOic.
Some people voluntarily join a botnet. This is when an automated LOic is placed onto their computer and is activated by others. Sometimes people are tricked into joining a botnet. Someone will get them to click on a link that downloads a LOic that is run by a botnet. Then the LOic is on their computer attacking websites, and they don't even know it is happening.
Usually, LOic DDoS only knocks a website offline for a few minutes to a half hour. However, if it is a company that deals in finance or selling, the company might lose a lot of money in those minutes.
LOic DDoS attacks are illegal according the the CFAA, the Computer Fraud and Abuse Act. The CFAA deals with "protected computers," and that includes any computer connected to the internet for interstate commerce or communication. That is any computer connected to the internet, because they are all communicating state to state. So, every computer connected to the internet is a "protected computer" and is covered by the CFAA. So, if you attack any computer that is on the internet, you might be breaking the law called the CFAA.
In the U.S., DDoSing is charged as a crime under the CFAA by saying it exceeds authorized use of a computer and causes damage. In the UK, DDoSing is specifically illegal under the Police and Justice Act of 2006.
In the U.S., DDoSing is charged as a crime under the CFAA by saying it exceeds authorized use of a computer and causes damage. In the UK, DDoSing is specifically illegal under the Police and Justice Act of 2006.
LOic DDoS attacks can be traced back to the IP addresses, or internet protocol addresses, that sent them. Does using a VPN mask the IP? Not sure, but relying on this is taking a risk. Many VPN services log the IP, while others do not log.
Under the CFAA, a person convicted of DDoSing a website can get a 10 year prison term. That is a long time for something that affects a website for a few minutes.
Some people think DDoSing should be considered a form of protest and allowed as a First Amendment activity. DDoSing or defacing a site related to the topic of protest can be very effective in getting public attention. Allowing DDoSing as a First Amendment form of protest is an interesting idea to think about and consider, but right now, this is not the reality. DDoSing is considered a crime with an unusually high penalty of long imprisonment.
There are other ways to protest on the internet that are legal and protected by the First Amendment, such as writing about what is happening, a hashtag blitz on Twitter, or petitions. Some people say that petitions do not get results, but this is not true. There are many success stories with petitions.
There are other ways to protest on the internet that are legal and protected by the First Amendment, such as writing about what is happening, a hashtag blitz on Twitter, or petitions. Some people say that petitions do not get results, but this is not true. There are many success stories with petitions.
Conspiracy: Some people have been charged with Conspiracy to DDoS. A person can be charged with Conspiracy to commit a crime if they planned with others to commit a crime and took some step in furtherance of it. For example, if people on the internet are chatting about planning to DDoS and you chat along and take some step in furtherance, such as downloading the LOic or clicking on the botnet link, then you might be involved in a Conspiracy, even if you personally never launch a LOic.
The sentencing for Conspiracy is twofold: for the Conspiracy itself, and for the underlying crime, as if you committed the crime.
If you plan to get involved in a DDoS, please read up first and understand the law. You may want to talk to one of your parents or someone you trust and ask them if you should be involved. Is your reason for being involved worth the risk of prison or fines? Is this the most effective form of protest or would a legal type of protest be just as effective or even more effective? You might want to make a little chart where you list the pros and cons of being involved. Don't let people force or trick you into doing something you don't really want to do.
If you plan to get involved in a DDoS, please read up first and understand the law. You may want to talk to one of your parents or someone you trust and ask them if you should be involved. Is your reason for being involved worth the risk of prison or fines? Is this the most effective form of protest or would a legal type of protest be just as effective or even more effective? You might want to make a little chart where you list the pros and cons of being involved. Don't let people force or trick you into doing something you don't really want to do.