Ethical DDoS drone network

Gadi Evron ge at linuxbox.org
Mon Jan 5 01:11:09 CST 2009


On Mon, 5 Jan 2009, Patrick W. Gilmore wrote:
> On Jan 5, 2009, at 1:33 AM, Roland Dobbins wrote:
>> On Jan 5, 2009, at 2:08 PM, Patrick W. Gilmore wrote:
>> 
>>> You want to 'attack' yourself, I do not see any problems.  And I see lots 
>>> of possible benefits.
>> 
>> This can be done internally using various traffic-generation and 
>> exploit-testing tools (plenty of open-source and commercial ones 
>> available).  No need to build a 'botnet', literally - more of a distributed 
>> test-harness.
>> 
>> And it must be *kept* internal; using non-routable space is key, along with 
>> ensuring that application-layer effects like recursive DNS requests don't 
>> end up leaking and causing problems for others.
>
> We disagree.
>
> I can think of several instances where it _must_ be external.  For instance, 
> as I said before, knowing which intermediate networks are incapable of 
> handling the additional load is useful information.
>
>
>> But before any testing is done on production systems (during maintenance 
>> windows scheduled for this type of testing, naturally), it should all be 
>> done on airgapped labs, first, IMHO.
>
> Without arguing that point (and there are lots of scenarios where that is not 
> at all necessary, IMHO), it does not change the fact that external testing 
> can be extremely useful after "air-gap" testing.

Fine, test it by simulation on your or the transit end of the pipes. Do not 
transmit your test sh?t data across the 'net.

That solves that question?
:)



