If an attacker can hack your website and get shell access (for example, using SQL Injection or Code Injection), they can make you participate in attacks. LOIC (or similar applications) may be installed in console mode and controlled using IRC. If your website is vulnerable, it can be used as an agent (zombie) in a DDoS attack. If this is not possible, make sure that you use the firewall to limit the number of connections per IP in a given period. The best way to mitigate a DDoS attack is to have an infrastructure that can handle a lot of traffic. If your web server is hosted on a renowned virtual cloud (for example, Akamai or Cloudflare), such services have sufficient protection. Web application firewalls (WAF) work well for most DoS/DDoS attacks but intrusion detection/prevention systems (IDS/IPS) are the best tool to use to protect against such attacks in general.ĭoS/DDoS attempts are best throttled at the Internet Service Provider level. Therefore, vulnerability scanners and network scanners cannot be used to protect against it. LOIC does not rely on any vulnerabilities. It was used in the past in denial of service attacks that the 4Chan hacktivism group Anonymous organized against such companies like Mastercard and Paypal (Operation Payback), as well as organizations such as the Church of Scientology. This means that hacktivist organizations have no problems with getting a large number of people to participate in such attacks.
However, it is also very easy to install and use. The Low Orbit Ion Cannon is a very basic attack tool that uses the simplest techniques. If a large number of users flood the target server, it may experience a denial of service. In this mode, the attackers use an IRC (Internet Relay Chat) channel for coordination and create a voluntary botnet (one participant is the master and the rest are slaves). LOIC cannot use proxies, so the IP address of the user is clearly visible to the target (stored in logs).Ī single person using LOIC has very little impact but the application may run in hivemind mode. Attackers use it to flood the target with bogus network traffic so that it has no resources to serve legitimate requests. It sends a stream of TCP packets, UDP packets, or HTTP GET packets to a selected host ur URL. The name comes from a fictional weapon used in a video game. The successor of LOIC is called the High Orbit Ion Cannon (HOIC). There is also a JavaScript version (JS LOIC) that can be embedded in a page and a web application that only requires the user to open the web browser (Low Orbit Web Cannon). The LOIC is available for Windows, Linux, OS X, Android, and iOS. This application is available as open source on and often used by malicious parties for DoS (denial of service) and DDoS (distributed denial of service) attacks. The Low Orbit Ion Cannon (LOIC) is a tool that was developed by Praetox Technologies as a network stress testing application and then released into the public domain.