AW: DDos within a pentest

["Julian Totzek" <julian.totzek () bristol de>]

Hi Thierry

> Considering this :
> JT> I don’t want to get a bandwidth overload, I just want
> JT> to show that the server is not able to handle all the syn packets.
>
> I don't understand this :
> JT> We only have a 2Mbit line here in the office, so if I need to
> JT> flood a 10Mbit line there will not be enough packets to do this,
> JT> right?
>
> If you send SYN packets to an open port with active services you won't
> need a 2mbit line to DoS a 10mbit line, except of course your into
> traffic exhaustion which your first statement however negates.

Yes, ok, you're right. Not perfectly explained. I meant if there is a customer with 100Mbit, they normally have some 
loadbalacer or something else so I won't get these devices flooded with our 2Mbit here. The other perspective is that 
nobody here can use the internet if we do a full 2Mbit floding!