I DDoS'd Myself (Don't Do This)

The video walks through a live demonstration of a denial‑of‑service attack performed on the presenter’s own web server, illustrating both a simple ICMP ping flood and a distributed variant. The host warns viewers that such activities are illegal without permission and can result in jail time.

Using the hping3 tool with the “‑1” flag, a single‑machine ping flood is launched against the target IP. Because the server has ample bandwidth, response times remain sub‑millisecond, showing that a lone source cannot easily overwhelm a well‑provisioned system. When additional machines are added, latency spikes to up to 19 ms on a local LAN, exemplifying a basic distributed denial‑of‑service (DDoS) effect.

The presenter notes, “We’ve gone from sub millisecond to at times 19 milliseconds,” highlighting the dramatic impact of coordinated traffic. He also points out that the attack exploits a routine network diagnostic protocol—ICMP—and can be thwarted simply by disabling ping responses on the server.

The demonstration underscores that while low‑level DDoS attacks are trivial to launch, they are equally trivial to mitigate, emphasizing the need for proper network hardening. Moreover, it serves as a cautionary reminder of the legal ramifications of unauthorized testing, reinforcing best practices for ethical security research.