DDOS Simulation

• Previous message (by thread): DDOS Simulation
• Next message (by thread): DDOS Simulation
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

hi pavel

On 07/28/15 at 12:02am, Pavel Odintsov wrote:
> It's poor man's traffic generator :)
 
that's the best kind :-) 
as long as it gets the job done and you get to control what it does

> My test lab is i7 2600 with 2 port Intel X520 10GE and Intel Xeon E5
> 2604 witj 2 port Intel X520 10GE.

nice cpu hw

trick questions for those thinking of generating ddos traffic for testing

- ?? how much memory was needed to run the traffic generator

	i assume around 1GB of memory for 1gigE interface and i still
	can purposely run out of memory while some apps are running

	at 10gigE pci card, 
	you'd probably want at least 12GB - 16GB of memory

- some "poor mans apps" to generate traffic ... start w/ nping or hping

	# generate 1,000 Mbit/sec of junk .. floodig is trivial ...
	ping -i 0.001 -s 2000  victimIP#
	nping --data-length 2000 --rate 1000 victimIP#
	socat
	iperf ...
	#
	# generate udp  or icmp or arp or tcp traffic
	#
	# add options to generate large-sized packets
	# add options to generate 10Gbit/sec ( number of packet/sec )
	#
	# play around with tcp headers
	# add options to send MTU=1501 byte but NOT set DF
	# add options to send ACK but no request
	#
	# add options to spoof source and desitination address and ports

	#
	# if the host machine become un-available, you've got a problem
	#
	for host in gw dns ntp http smtp
	  for protocol in arp icmp udp tcp
	    nping --protocol [ options ] host.example.com 
	    # hping is nice too
	  done
	done

	# for bonus arp fun ...
	attacker# arpspoof gateway victim
	attacker# arpspoof victim gateway

	# prevent mitm with: use hard coded arp "/etc/ethers" for linux

	use OpenSSL certs to flag a warning when "attacker" inserted
	itself in between gateway and un-aware victim

pixie dust
alvin
- DDoS-Mitigator.net

> On Mon, Jul 27, 2015 at 11:59 PM,  <Valdis.Kletnieks at vt.edu> wrote:
> > On Mon, 27 Jul 2015 23:32:56 +0300, Pavel Odintsov said:
> >
> >> I would like to recommend MoonGen for generating very high speed
> >> attacks (I have generated up to 56 mpps/40GE with it).
> >
> > OK, I'll bite - what hardware were you using to inject that many packets?

• Previous message (by thread): DDOS Simulation
• Next message (by thread): DDOS Simulation
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]