Penetration Testing mailing list archives
Client DDoS requests, ideas?
From: Erin Carroll <amoeba () amoebazone com>
Date: Mon, 14 Jul 2008 20:43:35 +0000 (UTC)
Pen-testers,There have been times when, during the course of a pen-test for a client, a request is made for DoS/DDoS attacks against external systems & services. While there are resource exhaustion & other attack methods for certain services/systems, let's assume that Smurf-like attacks aren't viable. I'm curious for ideas or methods to simulate straight bandwidth DDoS attacks if the client pipe(s) are larger than your available pipe(s).
It's not like we all have huge botnets in our back pocket... Has anyone faced this situation before and if so, how did you manage?
-- Erin Carroll Moderator, SecurityFocus pen-test list ------------------------------------------------------------------------ This list is sponsored by: CenzicTop 5 Common Mistakes in Securing Web Applications
Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- Client DDoS requests, ideas? Erin Carroll (Jul 14)
- Re: Client DDoS requests, ideas? Jon Kibler (Jul 14)
- Re: Client DDoS requests, ideas? Erin Carroll (Jul 14)
- Re: Client DDoS requests, ideas? Jon Kibler (Jul 14)
- Re: Client DDoS requests, ideas? Erin Carroll (Jul 14)
- RE: Client DDoS requests, ideas? Sergio Castro (Jul 14)
- Message not available
- Re: Client DDoS requests, ideas? Erin Carroll (Jul 14)
- RE: Client DDoS requests, ideas? Sergio Castro (Jul 14)
- Re: Client DDoS requests, ideas? Roland Dobbins (Jul 14)
- Re: Client DDoS requests, ideas? Erin Carroll (Jul 14)
- Re: Client DDoS requests, ideas? Jon Kibler (Jul 14)