Avoiding DOS

biffster · January 4, 2018, 4:45am

Hello,

The rules for the site state: “Any form of DoS (Denial of Service) is forbidden
There is no reason to use any form of DoS on any machine inside or outside of HTB Network. If you accidentaly perform such an attack let us know asap.”

I have read several writeups as well as begun to solve several of the machines and challenges and have observed that many require brute forcing tools/dictionary attacks to complete. I am wondering if anyone has any recommendations for how many threads or requests per minute are appropriate when running some of these tools such as dirb, hydra, etc… to avoid accidentally DOSing a box.

Thanks!

ippsec · January 4, 2018, 1:31pm

Nothing bad will happen if you accidentally DOS a box. If you notice your tools causing issues lower the threads and try again. If a box goes down just revert no harm done. I can’t really give you an answer at the number of threads, because that depends on the box.

That being said if you kick off a 1000 thread dirbuster against every box simultaneously and take down an environment multiple times… Expect a stern talking to.

biffster · January 7, 2018, 5:53am

Ah ok, I was just wondering because I wasn’t so much worried about taking one down as slowing one down and ruining anyone else’s experience. Thanks for the response.

Topic		Replies	Views
Cracking it Off-topic	1	282	April 4, 2020
Sense being DoS'd Machines	2	583	January 28, 2018
New to HTB and pentest Machines	2	373	October 25, 2019
Timing attacks Off-topic	1	61	November 11, 2024
Metasploit Exploits	12	2827	September 4, 2018

Avoiding DOS

Related topics