Penetration Testing mailing list archives
AW: DDos within a pentest
From: "Julian Totzek" <julian.totzek () bristol de>
Date: Tue, 10 May 2005 09:13:54 +0200
Hi Thierry
Considering this : JT> I dont want to get a bandwidth overload, I just want JT> to show that the server is not able to handle all the syn packets. I don't understand this : JT> We only have a 2Mbit line here in the office, so if I need to JT> flood a 10Mbit line there will not be enough packets to do this, JT> right? If you send SYN packets to an open port with active services you won't need a 2mbit line to DoS a 10mbit line, except of course your into traffic exhaustion which your first statement however negates.
Yes, ok, you're right. Not perfectly explained. I meant if there is a customer with 100Mbit, they normally have some loadbalacer or something else so I won't get these devices flooded with our 2Mbit here. The other perspective is that nobody here can use the internet if we do a full 2Mbit floding!
Current thread:
- AW: DDos within a pentest Julian Totzek (May 11)