Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

AW: DDos within a pentest

from [Julian Totzek] Network Security [Permanent Link]
Subject: AW: DDos within a pentest
Date: Tue, 10 May 2005 09:13:54 +0200 

Hi Thierry



Considering this :
JT> I don?t want to get a bandwidth overload, I just want
JT> to show that the server is not able to handle all the syn packets.

I don't understand this :
JT> We only have a 2Mbit line here in the office, so if I need to
JT> flood a 10Mbit line there will not be enough packets to do this,
JT> right?

If you send SYN packets to an open port with active services you won't
need a 2mbit line to DoS a 10mbit line, except of course your into
traffic exhaustion which your first statement however negates.


Yes, ok, you're right. Not perfectly explained. I meant if there is a customer 
with 100Mbit, they normally have some loadbalacer or something else so I won't 
get these devices flooded with our 2Mbit here. The other perspective is that 
nobody here can use the internet if we do a full 2Mbit floding!
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • AW: DDos within a pentest, Julian Totzek <=
Previous by Date:  Re: Filtering email headers generated from internal network (Sensible?), Kyle Maxwell
Next by Date:  Re: Filtering email headers generated from internal network (Sensible?), Joachim Schipper
Previous by Thread:  [Full-disclosure] coldfusion pentest, fatb
Next by Thread:  how effective are SPF records for preventing identity theft?, Nacho
Indexes:  [Date] [Thread] [Top] [All Lists]