Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name	DDOS:HOIC-HTTP-METHOD
Severity	Major
Recommended	No
Category	DDOS
Keywords	High Orbit Ion Cannon (HOIC) HTTP Request
Release Date	2012/04/27
Update Number	2126
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

DDOS: High Orbit Ion Cannon (HOIC) HTTP Request

This signature detects the behavior of the High Orbit Ion Cannon (HOIC) packet flooding tool. Attackers can use this tool to send extremely large amounts of packets over the network to attempt to overwhelm a target. When used collectively from multiple sources, a Distributed Denial of Service (DDoS) can occur. A bug in some proxy servers can also trigger this signature. Therefore, this signature should only be used to protect your web servers from attacks from the Internet, and not to monitor out-bound traffic from your end-users, especially if the users are behind a proxy.

References

URL: http://blog.spiderlabs.com/2012/01/hoic-ddos-analysis-and-detection.html

Signature Detail

This site is deprecated. Please CLICK HERE for latest updates

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

DDOS: High Orbit Ion Cannon (HOIC) HTTP Request

References