DDOS Simulation

frnkblk at iname.com frnkblk at iname.com
Wed Jul 29 15:30:20 UTC 2015


If the customer has headroom on a 10G link, what's the harm with running a 1G volumetric DDoS across the Internet?  Or if it's application layer, anytime against prescribed lab devices?

Frank

-----Original Message-----
From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Brett Watson
Sent: Tuesday, July 28, 2015 8:28 PM
To: nanog at nanog.org
Subject: Re: DDOS Simulation


> On Jul 28, 2015, at 9:05 PM, jim deleskie <deleskie at gmail.com> wrote:
> 
> If anyone offers to "test" your DDoS devices across a network that you do
> not 100% own, you are risking legal issues.
> 
> If they offer to test it across your own network, make sure you have in
> writing from you upper management that they understand the risk and approve
> it.
> 
> If you choose to do it anyway then you are taking a LARGE risk.
> 
> 
> Testing should be in your lab and even then you should understand 100% what
> is happing to avoid leaking attack traffic into the internet.

in a previous job (we did ddos mitigation) customer asked all the time for simulation, and typically live across the internet. for all the reasons noted, we didn’t do it, but instead would do a lab/POC with pcaps replayed from previous attacks we had mitigated to show the customer how our platform worked, how we handled incident response, etc. 

agree with all comments about NOT doing it over the internet, that way lies madness.

-b




More information about the NANOG mailing list