Security Activity Bulletin

High Orbit Ion Cannon Distributed Denial of Service Tool

 
Threat Type:IntelliShield: Security Activity Bulletin
IntelliShield ID:28879
Version:1
First Published:2013 April 08 21:30 GMT
Last Published:2013 April 08 21:30 GMT
Port: Not available
Urgency:Unlikely Use
Credibility:Confirmed
Severity:Mild Damage
 
Version Summary:The High Orbit Ion Cannon is a tool that could aid an unauthenticated, remote attacker in conducting distributed denial of service attacks.
 

Description
 
The High Orbit Ion Cannon (HOIC) is a tool that could aid an unauthenticated, remote attacker in conducting distributed denial of service (DDoS) attacks.

The HOIC is a popular DDoS attack tool that is free to download and available for Windows, Mac, and Linux platforms. The HOIC is an upgrade to an older program, the Low Orbit Ion Cannon (LOIC), documented in IntelliShield Alert 22057, which is an open-source tool that is written in the C# programming language. Reports indicate the LOIC is a favored tool of Anonymous and other hacking groups, which is an indication that these attack groups are also using the HOIC.

An unauthenticated, remote attacker using the HOIC could send traffic to a targeted URL in an attempt to overload the targeted website, resulting in a denial of service condition. In addition, the HOIC can target up to 256 web addresses simultaneously, making this tool a powerful resource for hackers who are attempting to conduct DDoS attacks.

Administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent DDoS attacks.

Administrators can help protect affected systems from external attacks by using a solid firewall strategy.
 
Alert History
 
Initial Release


Product Sets
 
The security vulnerability applies to the following combinations of products.

Primary Products:
IntelliShieldSecurity Activity Bulletin Original Release Base

Associated Products:
N/A




Alerts and bulletins on the Cisco Security Intelligence Operations Portal are highlighted by analysts in the Cisco Threat Operations Center and represent a subset of the comprehensive content that is available through Cisco Security IntelliShield Alert Manager Service. This customizable threat and vulnerability alert service provides security staff with access to timely, accurate, and credible information about threats and vulnerabilities that may affect their environment.


LEGAL DISCLAIMER
The urgency and severity ratings of this alert are not tailored to individual users; users may value alerts differently based upon their network configurations and circumstances. THE ALERT, AND INFORMATION CONTAINED THEREIN, ARE PROVIDED ON AN "AS IS" BASIS AND DO NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE ALERT, AND INFORMATION CONTAINED THEREIN, OR MATERIALS LINKED FROM THE ALERT, IS AT YOUR OWN RISK. INFORMATION IN THIS ALERT AND ANY RELATED COMMUNICATIONS IS BASED ON OUR KNOWLEDGE AT THE TIME OF PUBLICATION AND IS SUBJECT TO CHANGE WITHOUT NOTICE. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE ALERTS AT ANY TIME.
Powered by  IntelliShield