anti-ddos test solutions ?

Drew Weaver drew.weaver at thenap.com
Thu Mar 18 13:05:32 UTC 2010


On a similar note but slightly unrelated note,

Not to thread hijack, but does anyone have any useful recipes for 
generating any basic baseline data (top talkers, SSH brute forcing, SMTP brute forcing, 445,etc) 
via any of the open source netflow collectors (Flow-Tools, nfdump)?

I've had mixed success getting these packages to produce any useful information after getting them to collect the flow data.
  
Thanks,
-Drew


-----Original Message-----
From: kowsik [mailto:kowsik at gmail.com] 
Sent: Thursday, March 18, 2010 12:33 AM
To: Stefan Fouant
Cc: nanog at nanog.org
Subject: Re: anti-ddos test solutions ?

http://labs.mudynamics.com/2009/04/10/ddos-testing-network-applications/
http://www.pcapr.net/dos

YMMV, but mudos converts *any* IP packet into a DoS generator (it's free).

K.
---
http://www.pcapr.net
http://labs.mudynamics.com
http://twitter.com/pcapr

On Wed, Mar 17, 2010 at 11:28 AM, Stefan Fouant
<sfouant at shortestpathfirst.net> wrote:
>> -----Original Message-----
>> From: Charles N Wyble [mailto:charles at knownelement.com]
>> Sent: Wednesday, March 17, 2010 12:16 PM
>> To: nanog at nanog.org
>> Subject: Re: anti-ddos test solutions ?
>>
>> bit gossip wrote:
>> > Nessus is a vulnerability scanner:
>> >
>> > http://www.nessus.org/nessus/
>> >
>> > Ixia provides a full Nessus implementation in one of its platform.
>> >
>>
>> Well these days I would use http://www.openvas.org and
>> http://www.metasploit.org
>> for vulnerability scanning and analysis.
>>
>> However that wouldn't be a DDoS, but could certainly lead to DOS.
>
> If you can get your hands on a PCAP from a previous attack, you could also use something like Bit-Twist which will allow you to manipulate things like the destination IP and also the transmission rate, etc.  Pretty useful tool to include in the DDoS simulation toolbox.
>
> http://bittwist.sourceforge.net/
>
> Stefan Fouant, CISSP, JNCIE-M/T
> www.shortestpathfirst.net
> GPG Key ID: 0xB5E3803D
>
>
>



More information about the NANOG mailing list