Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DDos within a pentest

from [Jose Maria Lopez Hernandez] Network Security [Permanent Link]
Subject: Re: DDos within a pentest
Date: Tue, 10 May 2005 10:44:08 +0200 
El vie, 06-05-2005 a las 09:44 +0200, Julian Totzek escribiÃ:

Hi group,

within a pentest we trying to offer the possibility of a DDos Foold for our 
customers. I know there are many tools to do a flood from a single PC, but 
all of these tools just send as many syn's as the can. Does anybody know a 
tool where I'm able to limit the bandwidth? I donât want to get a bandwidth 
overload, I just want to show that the server is not able to handle all the 
syn packets.

An other question is from where would I start such a attack? We only have a 
2Mbit line here in the office, so if I need to flood a 10Mbit line there will 
not be enough packets to do this, right? Maybe there is a provider out there 
who already offers this service!

The third question is what will be the side effects if I send packets with 
spoofed sources? As you all know I don't a answer to my packets, but would it 
be a DDos to all spoofed sources then? How can you ensure that only the main 
target is getting flooded?


Best regards

Julian Totzek

THE BRISTOL GROUP Deutschland GmbH
Robert-Bosch-StraÃe 11
63225 Langen
Telefon +49 (0) 6103 20 55 300
Telefax +49 (0) 6103 70 27 87
Emergency Phone 0190/858 979 000 (1,86â/min)
julian.totzek@bristol.de 
www.bristol.de 


HTTPS, HTTP, SMTP, IMAP, POP3 und FTP
Kostenloser 14-Tage-Test einer CP Secure Antivirus Appliance
http://www.bristol.de/testing.htm



A good way to simulate a Ddos attack, and above all if you care about
an overwhelming amount of SYN connections, is to install a P2P client
in the target machine. You just put a lot (30 or 40) of the most popular
files in the queue, configure the P2P to have a lot of sources for each
file, and you are done... thousands of machines will make connections
to you and from you. It's a poor man Ddos tool.

I've been working a lot to block the P2P's in the enterprise, and now
I have found they are useful for something. That's odd...

Regards.

-- 

Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas
http://www.bgsec.com
ESPAÃA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Filtering email headers generated from internal network (Sensible?), Joachim Schipper
Next by Date:  how effective are SPF records for preventing identity theft?, Nacho
Previous by Thread:  RE: DDos within a pentest, Omar Herrera
Next by Thread:  Re: DDos within a pentest, Christoph Puppe
Indexes:  [Date] [Thread] [Top] [All Lists]