Skip to content

Instantly share code, notes, and snippets.

@appgurueu

appgurueu/dont_do_ddos.md

Created March 3, 2022 10:21
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save appgurueu/090dad7fd4a573ce9ed08d7e711ecc1f to your computer and use it in GitHub Desktop.
Save appgurueu/090dad7fd4a573ce9ed08d7e711ecc1f to your computer and use it in GitHub Desktop.
Download ZIP
Why you should not partake in the ongoing coordinated DDoSing activities
Raw
dont_do_ddos.md

Why you should not partake in the ongoing coordinated DDoSing activities

  • It might hit the wrong targets. Do you really trust whatever tool you run and whatever list you received to only hit what you wanted to hit? DDoSing will also unnecessarily increase network load on the route from you to the target.
  • It's illegal and might come back at you. DDoSing is illegal on multiple levels. It's usually easy to prove through server logs. Your ISP might - often automatically - ban you. The targets of your attacks might "strike back" or use your attacks as a pretense to inflict even more harm to your region. You can merely hope that you will not be persecuted for your naive criminal offenses.
  • It's risky. You'll - one way or another - be running foreign code on your machine. That always comes with a risk (which can only partially be reduced through virtualization, be it through the browser environment or something like Docker). Even if no control over your machine is gained, your IP at the very least is publicly exposed and your computational power may be abused to say, mine BitCoin.
  • It's expensive. Both electricity and internet access don't come for free. Consumer systems aren't suited for this.
  • It's ineffective. A droplet in the sea. It's usually way cheaper for the targets to scale their systems or to block your addresses than it is for you to get thousands of fresh IP addresses. Back to point one: If the wrong targets are selected, that alone is enough to make it ineffective.

Websites that start attacks as soon as you visit them are particularly sketchy as they implicitly assume your consent to an illegal activity merely by you not leaving the website. That's unacceptable; please do not share links to such malicious sites.

Your chance of doing more harm than good - be it to yourself or others - is way too high to even consider this. You can't trust the people coordinating the operations and you can hardly know what you're doing unless you're an expert (and experts would never join such a primitive and risky business using their personal devices). Please show your support in a decent manner.

Perhaps not all of these points apply to you (some may be knowledgeable enough to carry out the attacks themselves using renowned tools instead of relying on running sketchy tools for instance), but the overall conclusion stays the same: Do not DDoS anyone out of misguided actionism.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment