Ethical DDoS drone network

Zach admin at racksecurity.net
Sun Jan 4 22:00:27 CST 2009


Agreed, Gadi.  It wouldn't be an attack if it were ethical.  Technically,
that would be "load testing" or "stress testing".
Might I suggest this to help?
http://www.opensourcetesting.org/performance.php

On Sun, Jan 4, 2009 at 9:55 PM, Gadi Evron <ge at linuxbox.org> wrote:

> On Sun, 4 Jan 2009, John Kristoff wrote:
>
>> On Sun, 4 Jan 2009 21:06:34 -0500
>> "Jeffrey Lyon" <jeffrey.lyon at blacklotus.net> wrote:
>>
>>  Say for instance one wanted to create an "ethical botnet," how would
>>> this be done in a manner that is legal, non-abusive toward other
>>> networks, and unquestionably used for legitimate internal security
>>> purposes? How does your company approach this dilemma?
>>>
>>
>> As long as some part of the system (hosts/networks) from the bots to
>> the target is not under your control or prepared for this sort of
>> activity, you may not get a satisfactory answer on this. Its quite
>> likely these days a third party playing the unwitting participant in
>> this botnet may find it objectionable.
>>
>> Is creating and running a botnet the answer?  What exactly are you
>> trying to protect against?  DDoS?
>>
>> There are potentially various sorts of penetration tests and design
>> reviews you could go through as an alternative to running a so-called
>> "ethical" botnet. Further information on what you're trying to protect
>> against may solicit some useful strategies.
>>
>
> A legal botnet is a distributed system you own.
>
> A legal DDoS network doesn't exist. The question is set wrong, no?
>
>
>
>  John
>>
>>
>



More information about the NANOG mailing list