Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DDos within a pentest

from [Thierry Zoller] Network Security [Permanent Link]
Subject: Re: DDos within a pentest
Date: Mon, 9 May 2005 21:12:38 +0200 

Dear Julian Totzek,

Considering this :
JT> I don?t want to get a bandwidth overload, I just want
JT> to show that the server is not able to handle all the syn packets.

I don't understand this :
JT> We only have a 2Mbit line here in the office, so if I need to
JT> flood a 10Mbit line there will not be enough packets to do this,
JT> right?

If you send SYN packets to an open port with active services you won't
need a 2mbit line to DoS a 10mbit line, except of course your into
traffic exhaustion which your first statement however negates.

JT> The third question is what will be the side effects if I send
JT> packets with spoofed sources?
If the spoofed sources exist they will be flooded with SYN+ACKS or FIN
packets from the host you attack. You might one to choose to spoof an
IP which isn't alive.

JT> As you all know I don't a answer to
JT> my packets, but would it be a DDos to all spoofed sources then?
Depends on how often you change the decoys (spoofed ingress addresses)

JT> How can you ensure that only the main target is getting flooded?
Testen testen testen.


-- 
Thierry Zoller
mailto:Thierry@sniff-em.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: DDos within a pentest, Sels, Roger
Next by Date:  [Full-disclosure] coldfusion pentest, fatb
Previous by Thread:  Re: DDos within a pentest, Sels, Roger
Next by Thread:  Re: DDos within a pentest, Thierry Zoller
Indexes:  [Date] [Thread] [Top] [All Lists]