Ethical DDoS drone network

michael.dillon at bt.com michael.dillon at bt.com
Mon Jan 5 13:39:18 CST 2009


> FWIW, I'm primarily concerned about testing PPS loads and not 
> brute force bandwidth.

Simple solution.

Write some DDoS software that folks can install on their own 
machines. Make its so that the software is only triggered by
commands from a device under the same administrative control,
i.e. it uses a shared secret that is set up when folks install
the software. So far there are two pieces of software, one
pieces does the DDoSing, and the other piece controls it.
You now need a third bit of software that sends DDoS requests
to the controllers, and the controllers don't actually act 
upon such requests, but queue them until their administrators
OK the DDoSing.

Think of it a bit like a moderated mailing list.

If you product that set of software, I'll bet that a lot of
folks would be interested in working together to do DDoS
stress testing of each others networks, at times of their
own choosing.

--Michael Dillon




More information about the NANOG mailing list