Hacker News new | past | comments | ask | show | jobs | submit login

I am not sure I would trust sending 16,777,216 packets to Apple several times in a row. Especially a company with a legal team as large as apple.

What is the difference between this tool and the drive by DDoS "testing" tools you can pay to use online. They seem identical to this tool except Masscan stops after the first try.




I'm sure ur already sending 10k+ packets from just casually browsing their website, albeit they would be a lot bigger than massscans(which is a couple of bytes), vs http (a couple of million bytes(assuming the website isn't plain teyt)


That's a completely trivial level of traffic at scale. I can almost guarantee this wouldn't even flag an alert, much less be investigated by legal.


If you read these comments organizations are threatening legal action and reports to law enforcement.

https://github.com/robertdavidgraham/masscan/blob/master/dat...


They're also not apple :) These companies are probably just getting alerts from their intrusion detection system telling them someone's port scanning them.

I'll amend my earlier comment a bit. Apple as a corporation doesn't care, neither I imagine would Apple's corporate IT security as an entity, but individual people in Apple might decide port scanning is the bain of their existence and send something, but that's a fluke.


Seems like a very tiny list, given the nature of the tool (none of which I had really heard of)


The difference this this tool is a hammer and like any tool the operator is responsible to use it safely and appropriately, while the botters are people advertising that they got a hammer, and are willing and eager to bludgeon people to death with it for some money.


Your comment makes the most sense.

Where would the line between abuse and curiosity be? If you were the target of an overzealous company how can you make the distinction?


Apple wouldn’t even notice. For example recently there was an article here about 5 hackers that spent 3 months attacking Apple (white hat) and Apple seemed unaware until the bug reports were sent in.


Ddos tools usually use amplification, instead of sending 1:1 bytes (that is u sending 1 byte and receive 1 byte as answer) They may query a database instead which a 30 byte search query results in couple thousand bytes of results + the load on the database

It would be expensive to just use raw network power to overwhelm a web service(u would need more bandwidth than the host)

Meanwhile with amplification u only need a 10th or less

Here an example https://www.imperva.com/learn/ddos/dns-amplification/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: