back to article HULK DDoS-from-one-computer is easily thwarted, say security pros

Security experts are downplaying the significance of a new denial-of-service (DoS) attack tool. The HTTP Unbearable Load King (HULK) program was developed by a white-hat network security researcher, who shared it on his blog as a proof-of-concept demonstration of how to effortlessly knock over web servers. Nonetheless there is …

COMMENTS

This topic is closed for new posts.
  1. ukgnome
    Trollface

    Acronyms PAH!

    Acronyms make me angry, here are a few that make me less angry.

    Cannon Utility Network Trauma

    Wide Access Network Kaboomer

    Force uniformed Collision Kontroller

    Penetrate Entry Nodes Internet Server

  2. Wize

    "DDoS-from-one-computer"

    Doesn't that make it a plain old DoS attack?

    Unless bits of that computer are sat round the room linked by long wires...

    1. mangobrain

      Re: "DDoS-from-one-computer"

      To be fair on Shteiman, his original blog post calls it a DoS tool. It is everyone else commenting and reporting on it who seems to have forgotten that the second D means "distributed", presumably because DDoS is still such a hot buzzphrase that they felt the need to use it without really thinking it through.

  3. Ross 7

    Baz

    "Barry Shteiman, the developer of the HULK python script..."

    Someone tell me I wasn't the only one to have to check I hadn't misread the name (I had...)

  4. Filippo Silver badge

    Surely all you have to do is start ignoring requests from a specific IP address if there's too many of them?

  5. Jay Croghan
    FAIL

    HAHAHAHAHAHAHAHAHAHA this is absolutely hilarious and about 20 years too late to be anything new! Holy crap why is anyone even reporting on it? All it does is generate random gets... look at it... it's absolutely pathetic and shouldn't have been reported on by anyone.

    1. Jay Croghan
      FAIL

      I just ran this against an Apache installation locally and I can still bring up web pages with cache disabled without any delay. Epic FAIL.

  6. DeKrow
    Facepalm

    THOR

    Having read the HULK author's blog a couple of weeks ago, he already stated that it was easy to recognise HULK's attacks because they come in a specific order. He also went on to say that he developed THOR which recognises and nullifies HULK. What research did Prolexic do more-so than just reading the blog about HULK and THOR? Did they even get down to the THOR part? Doesn't sound like it.

  7. DeKrow
    FAIL

    re: THOR

    My bad, wasn't the author of HULK that wrote / reviewed THOR. That comparison blog is here:

    http://blog.spiderlabs.com/2012/05/hulk-vs-thor-application-dos-smackdown.html

    Still, the above blog post is a couple of weeks old...

This topic is closed for new posts.

Other stories you might like