Security experts are downplaying the significance of a new denial-of-service (DoS) attack tool. The HTTP Unbearable Load King (HULK) program was developed by a white-hat network security researcher, who shared it on his blog as a proof-of-concept demonstration of how to effortlessly knock over web servers. Nonetheless there is …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Wednesday 6th June 2012 10:38 GMT ukgnome

Acronyms PAH!

Acronyms make me angry, here are a few that make me less angry.

Cannon Utility Network Trauma

Wide Access Network Kaboomer

Force uniformed Collision Kontroller

Penetrate Entry Nodes Internet Server

5 1
Wednesday 6th June 2012 11:26 GMT Wize

"DDoS-from-one-computer"

Doesn't that make it a plain old DoS attack?

Unless bits of that computer are sat round the room linked by long wires...

6 0
1. Wednesday 6th June 2012 12:00 GMT mangobrain
  
  Re: "DDoS-from-one-computer"
  
  To be fair on Shteiman, his original blog post calls it a DoS tool. It is everyone else commenting and reporting on it who seems to have forgotten that the second D means "distributed", presumably because DDoS is still such a hot buzzphrase that they felt the need to use it without really thinking it through.
  
  1 0
Wednesday 6th June 2012 12:39 GMT Ross 7

Baz

"Barry Shteiman, the developer of the HULK python script..."

Someone tell me I wasn't the only one to have to check I hadn't misread the name (I had...)

2 0
Wednesday 6th June 2012 13:41 GMT Filippo

Surely all you have to do is start ignoring requests from a specific IP address if there's too many of them?

1 0
Wednesday 6th June 2012 15:15 GMT Jay Croghan

HAHAHAHAHAHAHAHAHAHA this is absolutely hilarious and about 20 years too late to be anything new! Holy crap why is anyone even reporting on it? All it does is generate random gets... look at it... it's absolutely pathetic and shouldn't have been reported on by anyone.

1 0
1. Wednesday 6th June 2012 15:34 GMT Jay Croghan
  
  I just ran this against an Apache installation locally and I can still bring up web pages with cache disabled without any delay. Epic FAIL.
  
  0 0
Thursday 7th June 2012 08:17 GMT DeKrow

THOR

Having read the HULK author's blog a couple of weeks ago, he already stated that it was easy to recognise HULK's attacks because they come in a specific order. He also went on to say that he developed THOR which recognises and nullifies HULK. What research did Prolexic do more-so than just reading the blog about HULK and THOR? Did they even get down to the THOR part? Doesn't sound like it.

0 0
Thursday 7th June 2012 08:17 GMT DeKrow

re: THOR

My bad, wasn't the author of HULK that wrote / reviewed THOR. That comparison blog is here:

http://blog.spiderlabs.com/2012/05/hulk-vs-thor-application-dos-smackdown.html

Still, the above blog post is a couple of weeks old...

0 0