Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Client DDoS requests, ideas?

from [Jon Kibler] Network Security [Permanent Link]
Subject: Re: Client DDoS requests, ideas?
Date: Mon, 14 Jul 2008 17:24:05 -0400 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Erin Carroll wrote:

Pen-testers,

There have been times when, during the course of a pen-test for a
client, a request is made for DoS/DDoS attacks against external systems
& services. While there are resource exhaustion & other attack methods
for certain services/systems, let's assume that Smurf-like attacks
aren't viable. I'm curious for ideas or methods to simulate straight
bandwidth DDoS attacks if the client pipe(s) are larger than your
available pipe(s).

It's not like we all have huge botnets in our back pocket... Has anyone
faced this situation before and if so, how did you manage?



Hi,

What services (e.g., IIS x.x, BIND v.e.r)?

What network infrastructure devices (e.g., Cisco xxxx w/ IOS yy.zz)?

What O/Ses / versions?

There are a number of protocol and device specific attacks where a
single to a few hosts with not much bandwidth can successful DoS a
system on a much larger pipe. Attacks are not available for every
environment, but there is usually just enough of a range of equipment
and services on most network to make a DoS attack against something on a
target network possible.

What to look for?
   Fragmentation attacks (e.g., jolt)
   Amplification attacks (e.g., DNS: request a VERY large TXT record)
   Protocol attacks (e.g., LAND)
   Application attacks (e.g., SQL Injection 'shutdown with nowait')

Where to look?
   PacketStorm
   Milw0rm

Just some starters. Give some specifics and I can be more specific.

Hope this helps!

Jon Kibler
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkh7w/UACgkQUVxQRc85QlMaMgCbBaDXBsHRXuuT0FcD+VwRJ5Kv
V3oAoIAj5YGL4IuEKWc0hhoWNuH7Du+k
=UwvL
-----END PGP SIGNATURE-----




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Wired captive portal pen-test, sherwyn . williams
Next by Date:  RE: Client DDoS requests, ideas?, Sergio Castro
Previous by Thread:  Client DDoS requests, ideas?, Erin Carroll
Next by Thread:  Re: Client DDoS requests, ideas?, Erin Carroll
Indexes:  [Date] [Thread] [Top] [All Lists]