How hard do you have to hit them to for the mitigation device to kick
in. It seems that you should be able to generate enough traffic with
nmap although nmap really isn't designed for creating a DOS. What you
really ought to do is approach this scientifically....find out the
thresholds and then generate just over that amount of traffic. If it
trips on xx connections per minute, tune nmap's parameters to go that
high. There is a GUI front end for Windows...I think, never used it.
You might try a SYN scan because that would leave the connection open.
Or is the mitigation device designed to kick clients off only if the
server starts to stumble? If that's the case and you can use Linux
tools, you might try hping to just crank though opening port 80
connections as fast as it can. ISIC was mentioned here a week or so ago
(http://www.packetfactory.net/projects/ISIC/isic-0.06.tgz) of course,
that's Linux too.
-----Original Message-----
From: Faisal Khan [mailto:faisal@netxs.com.pk]
Sent: Monday, January 10, 2005 3:52 AM
To: pen-test@securityfocus.com
Subject: Windows based DoS Tools?
Need to sort of stress test a mitigation device in place. Does any know
of
any Windows based DoS/DDoS tools? Reason for Windows is the servers we
have
access to outside the protected network are all Windows.
We have access to about 60 or so odd servers - all connected at 100Mbps
(I
think 4-5 may be connected at 10Mbps), all are on Windows 2000 (a few
Windows 2003). Need to try to saturate the client's incoming link by
overloading their web-server and to see if the mitigation device will
block
the IPs immediately, etc. etc.
Regards,
FK
Faisal Khan, CEO
Net Access Communication
Systems (Private) Limited
________________________________
Network Security - Secure Web Hosting
Managed Internet Services - Secure Email
Dedicated Servers - Reseller Hosting
Visit www.netxs.com.pk for more information.
