Then u send 1-2 packets to apples entire ip range, there's not much harm done, the tool doesn't send packets to one and another, it partitions the whole ip list and sends it in random order so that not a single endpoint gets hirt hard , usually a single machine can handle easily 100k packets per second, they not hitting an application most of the time at all, they incomplete tcp packets, and just check for existence, they not sending a a huge chunk of packets repeatedly
I am not sure I would trust sending 16,777,216 packets to Apple several times in a row. Especially a company with a legal team as large as apple.
What is the difference between this tool and the drive by DDoS "testing" tools you can pay to use online. They seem identical to this tool except Masscan stops after the first try.
I'm sure ur already sending 10k+ packets from just casually browsing their website, albeit they would be a lot bigger than massscans(which is a couple of bytes), vs http (a couple of million bytes(assuming the website isn't plain teyt)
They're also not apple :) These companies are probably just getting alerts from their intrusion detection system telling them someone's port scanning them.
I'll amend my earlier comment a bit. Apple as a corporation doesn't care, neither I imagine would Apple's corporate IT security as an entity, but individual people in Apple might decide port scanning is the bain of their existence and send something, but that's a fluke.
The difference this this tool is a hammer and like any tool the operator is responsible to use it safely and appropriately, while the botters are people advertising that they got a hammer, and are willing and eager to bludgeon people to death with it for some money.
Apple wouldn’t even notice. For example recently there was an article here about 5 hackers that spent 3 months attacking Apple (white hat) and Apple seemed unaware until the bug reports were sent in.
Ddos tools usually use amplification, instead of sending 1:1 bytes
(that is u sending 1 byte and receive 1 byte as answer)
They may query a database instead which a 30 byte search query results in couple thousand bytes of results + the load on the database
It would be expensive to just use raw network power to overwhelm a web service(u would need more bandwidth than the host)
Meanwhile with amplification u only need a 10th or less
Whilst I have no inside information on Apple, I'm pretty sure that'd be a tiny portion of the traffic they see daily. They may blackhole you just to cut down the noise, but frankly given the level of DDoS they'll get regularly, I doubt they'd bother.
For one very quick stat "The average size of DDoS attacks was at the mindblowing 26.37 GBps in Q2 2018"
You got your units wrong. 26 GBps (208 Gbps) would be among the largest attacks recorded in history. Maybe you meant to say 26 Gbps which is 8 times less, but even that is a very large and notable attack, hardly any company could withstand it outside of CDN and big tech.
that's a direct copy/paste from the first article on DDoS size I saw https://hostingtribunal.com/blog/ddos-statistics/ , I wasn't going for deep research, just making a point about massscan from one host not really representing a serious concern for someone like Apple.