Quoting Jerry Shenk <jshenk@decommunications.com>:
How hard do you have to hit them to for the mitigation device to kick
in. It seems that you should be able to generate enough traffic with
nmap although nmap really isn't designed for creating a DOS. What you
really ought to do is approach this scientifically....find out the
thresholds and then generate just over that amount of traffic. If it
trips on xx connections per minute, tune nmap's parameters to go that
high. There is a GUI front end for Windows...I think, never used it.
You might try a SYN scan because that would leave the connection open.
Or is the mitigation device designed to kick clients off only if the
server starts to stumble? If that's the case and you can use Linux
tools, you might try hping to just crank though opening port 80
connections as fast as it can. ISIC was mentioned here a week or so ago
(http://www.packetfactory.net/projects/ISIC/isic-0.06.tgz) of course,
that's Linux too.
Hum I am suprised or maybe I have over looked it but I did not see any one
suggesting any of the live bootable linux distributions for him to use on those
windows test servers. In his last comment he mentioned he could not find
wintrino or another app a user suggested so he was going to look on the p2p
software for it. If he is willing to isntall wintrino from a p2p file, I don't
think those servers are to critical and could be rebooted for the testing. Once
he uses the live distro he can then use the tools on there or download and
compile other attack tools.
Here are some suggestions: Knoppix STD, Commander, PHALK, and Whoppix. There are
many otehrs out there.
Hope this helps some what
