-2

I used hping3 to stress test a web app (DoS): 

sudo hping3 -S --flood -V -p 80 [IP addr/url]

When I attempted to get access to the target web application through my network, it refused to connect with the error 

This site can’t be reached. [website address] refused to connect

Then, I used my mobile phone with 4G internet data and successfully got access to that website.

I don't know why the result was like that. Can anyone explain this matter?

schroeder
  • 123,438
  • 55
  • 284
  • 319
sanba06c
  • 103
  • 9
  • 4
    A common measure against denial of service attacks is to block all traffic from sources detected as sources of attack. We can't guess what system is performing this, but surely you know since you would only be doing this against a system you are authorized to stress test. – Marc May 19 '20 at 14:32
  • No, that's not what I meant. In this case, after stress testing, I couldn't not connect to the target website through internal network, while I could do it on my mobile phone with 4G internet data. – sanba06c May 19 '20 at 14:43
  • 4
    Your internal network is being blocked since it's the one issuing the attack, the mobile network is not. – Marc May 19 '20 at 14:44
  • No, I would still be able to access the website if I stopped flooding it with hping3. – sanba06c May 19 '20 at 15:08
  • 4
    The block is likely to be for an arbitrary amount of time. Anything from minutes to days, or even permanent. Either way, you have not provided nearly enough details for us to be able to help. – Marc May 19 '20 at 15:09
  • Yeah, it seemed the case. I did test again and confirmed that the hping flooding was successful and the network issuing the attack was temporarily blocked by firewall. – sanba06c May 19 '20 at 15:18

1 Answers1

1

Without much more information on the specific site etc., the most likely cause of your failure to then access the site is that you were blocked. This is a very common defence mechanism: spot denial of service attack coming from an IP address or range --> block that IP or entire range for some time, often completely.

This would also explain why you could connect from a different network.

Rory Alsop
  • 61,367
  • 12
  • 115
  • 320