anti-ddos test solutions ?

Charles N Wyble charles at knownelement.com
Wed Mar 17 18:18:07 UTC 2010



Nathan Ward wrote:
> Hire/buy what I know as a router tester. People call them different things.
> It's a device that generates packets,

Linux has a packet generator in the kernel as well.

More info readily available from your local search engine.

>  and can normally simulate TCP etc. all the way up to HTTP etc. or higher. BGP, OSPF, MPLS, etc. etc. etc.
>   

Hmmm. What about a fuzzer, or something like scapy?
> Tell it to generate packets that look like they come from many many hosts (you can normally simulate some kind of network topology with hosts in different places and hence different TTLs etc.), and viola.
> They normally let you generate background noise traffic, or you could record 24 hours of packet headers from somewhere in your network and play it back through your test network. This needs a lot of disk of course.
>   
tcpreplay is great for that.






More information about the NANOG mailing list