Network Security: Detailed info on Client DDoS requests, ideas?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Pen-Test

[Top] [All Lists]

Client DDoS requests, ideas?

from [Erin Carroll] Network Security

[Permanent Link]

Subject:	Client DDoS requests, ideas?
Date:	Mon, 14 Jul 2008 20:43:35 +0000 (UTC)

Pen-testers,

There have been times when, during the course of a pen-test for a client, a request is made for DoS/DDoS attacks against external systems & services. While there are resource exhaustion & other attack methods for certain services/systems, let's assume that Smurf-like attacks aren't viable. I'm curious for ideas or methods to simulate straight bandwidth DDoS attacks if the client pipe(s) are larger than your available pipe(s).

It's not like we all have huge botnets in our back pocket... Has anyone faced this situation before and if so, how did you manage?

--
Erin Carroll
Moderator, SecurityFocus pen-test list

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Client DDoS requests, ideas?, Erin Carroll <= Re: Client DDoS requests, ideas?, Jon Kibler Re: Client DDoS requests, ideas?, Erin Carroll Re: Client DDoS requests, ideas?, Jon Kibler RE: Client DDoS requests, ideas?, Sergio Castro Message not available Re: Client DDoS requests, ideas?, Erin Carroll RE: Client DDoS requests, ideas?, Sergio Castro Re: Client DDoS requests, ideas?, Roland Dobbins

Previous by Date:	Re: Wired captive portal pen-test, Roman Medina-Heigl Hernandez
Next by Date:	Re: Wired captive portal pen-test, sherwyn . williams
Previous by Thread:	Malicious Mozilla/Firefox/Thunderbird/Etc Extension, Andrei Hanganu
Next by Thread:	Re: Client DDoS requests, ideas?, Jon Kibler
Indexes:	[Date] [Thread] [Top] [All Lists]