Penetration Testing mailing list archives
RE: Client DDoS requests, ideas?
From: "Sergio Castro" <sergio.castro () unicin net>
Date: Mon, 14 Jul 2008 17:48:29 -0500
The DDOS protection company you are thinking about is www.prolexic.com As to a "botnet-attack-as-a-service" idea, it sounds pretty cool, until you take into consideration that a real DDOS attack will not only take down the target, but probably its entire ISP with all its clients! :o -----Mensaje original----- De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En nombre de Erin Carroll Enviado el: Lunes, 14 de Julio de 2008 05:34 p.m. Para: Jack C CC: pen-test () securityfocus com Asunto: Re: Client DDoS requests, ideas? On Mon, 14 Jul 2008, Jack C wrote:
I can't tell from your message whether you take "smurf-like" to mean any type of amplification, or just that specific broadcast-address attack. If you aren't against amplification via third party machines, an other simple method is to spoof large DNS requests with the src-addr of the machine to be attacked. I wrote a script to do this a
while ago if you need it. Yes, I meant any kind of amplification. Though I would be interested in seeing your script :)
If your message is asking how to fill a pipe larger than yours WITHOUT using third party machines (AND you're going for a purely bandwidth-based attack), you may have to sacrifice your own pipe. Ie, you could make a ton of requests on a non-windowing protocol (so that you can make more requests without waiting for the results of the previous) and just hammer away at large requests (DNS again comes to mind). It'll trash your link, but as long as the bottle neck is on your end it should also take their down a few notches.
Sergio's suggestion of looking into Packetstorm was interesting. I'm trying to recall the name of a company which touted an "anti-DDoS" product which was essentially an Akamai-like service which grew your available bandwidth on demand to help fight off DDoS attacks. This was circa-2002 but I'm wondering if there are service providers avaiable which offer load testing services that could be leveraged to simulate DDoS for clients. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------ __________ NOD32 3266 (20080714) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- Client DDoS requests, ideas? Erin Carroll (Jul 14)
- Re: Client DDoS requests, ideas? Jon Kibler (Jul 14)
- Re: Client DDoS requests, ideas? Erin Carroll (Jul 14)
- Re: Client DDoS requests, ideas? Jon Kibler (Jul 14)
- Re: Client DDoS requests, ideas? Erin Carroll (Jul 14)
- RE: Client DDoS requests, ideas? Sergio Castro (Jul 14)
- Message not available
- Re: Client DDoS requests, ideas? Erin Carroll (Jul 14)
- RE: Client DDoS requests, ideas? Sergio Castro (Jul 14)
- Re: Client DDoS requests, ideas? Roland Dobbins (Jul 14)
- Re: Client DDoS requests, ideas? Erin Carroll (Jul 14)
- Re: Client DDoS requests, ideas? Jon Kibler (Jul 14)