We do Router performance and protocol testing on a constant basis (New
products and new software for an existing range) and use Ixia chassis
extensively. They can be a little temperamental, but the scriptability,
flexibility and options are fantastic.
Things like setting up a max number of sessions is trivial and would
take only a few seconds to setup and execute.
However, on a more budget level, max number of sessions should be
trivial to setup. Just put hping in a loop and increase source IP and
set it going. You may have to throttle slightly if you're not interested
in ramp rate and want mas sessions instead - however ramp rate is
probably a better (faster) indication of a DOS.
Cheers - Neil Gardner
Senior Test Engineer
Allied Telesyn Research
bill williams <infosecgroup@gmail.com> 6/02/2005 11:01:39 a.m. >>>
I am looking for information and tools to stress test routers. Any
information, white papers, tools, settings for hping, etc. would be
appreciated. The incident I am trying to reproduce is related to
scanning through the router and the router running out of sessions
creating a DOS attack, I think? This testing is in response to yet
another "your scanner brought the router, down incident" and I am sure
you can imagine the rest. We do have a duplicate router in our testing
facility so don't worry I am not trying to DOS anyone.
NOTICE: This message contains privileged and confidential
information intended only for the use of the addressee
named above. If you are not the intended recipient of
this message you are hereby notified that you must not
disseminate, copy or take any action in reliance on it.
If you have received this message in error please
notify Allied Telesyn Research Ltd immediately.
Any views expressed in this message are those of the
individual sender, except where the sender has the
authority to issue and specifically states them to
be the views of Allied Telesyn Research.
