Researchers from Kapersky Lab recently reported on a new distributed denial-of-service (DDoS) tool. The HTTP Unbearable Load King (HULK) tool is different from others of its kind in that it does not simply hit a server with a massive load of TCP SYN requests or other predictable packets.
Instead, HULK generates numerous unique requests designed to prevent server defenses from recognizing a pattern and filtering the attack traffic. The HULK DDoS tool is the work of Barry Shteiman, a security pro who developed it out of frustration with the obvious patterns produced by other such tools.
In order to confuse the target Web server as thoroughly as possible, Shteiman has included a number of different features in HULK, including the ability to hide the actual user agent and obfuscate the referrer for each request. In his own tests, Shteiman said that the attack tool had no trouble taking down a target server within a minute or so.
"Basically my test web server with 4gb of Ram running Microsoft IIS7 was brought to its knees under less than a minute, running all requests from a single host," Shteiman said.