Re: Using Nmap as a Network Stress Testing Tool

[Brandon Enright <bmenrigh () ucsd edu>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 11 Mar 2009 07:24:35 +1000
Professor 0110 <professor0110 () gmail com> wrote:

> Hi everyone,
> I was just wondering if there was anyway that I could utilize Nmap as
> a Network Stress Testing tool, or a tool which enables me to get a
> rough idea of how my network and firewalls will be able withstand a
> DoS attack (SYN Flood and UDP Flood). What sparked this idea was the
> fact that Decoy scanning can cause a SYN Flood if the decoy targets
> are not available. But since this TCP/IP Flaw was fixed over a decade
> ago, it is hardly useful anymore.
>
> Cheers,
>
> Professor 0110

Well you could just specify a really high --min-rate.

Remember though, Nmap has a bunch of engineering work put into slowing
down to the capacity of the network.  You'd probably be best either
coding up your own tool (DoS-only code is short and simple) or using a
tool like Unicornscan that doesn't have any logic for slowing down.

Brandon

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)

iEYEARECAAYFAkm25DgACgkQqaGPzAsl94K5KgCbBztEN/qb3YTe6gIN3aQ7RlA1
yEoAni+6Kw7cV1sTETfRRRCnNGwdYU+V
=dKpI
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org