Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Client DDoS requests, ideas?
From: "Sergio Castro" <sergio.castro () unicin net>
Date: Mon, 14 Jul 2008 17:48:29 -0500

The DDOS protection company you are thinking about is www.prolexic.com

As to a "botnet-attack-as-a-service" idea, it sounds pretty cool, until you
take into consideration that a real DDOS attack will not only take down the
target, but probably its entire ISP with all its clients! :o


-----Mensaje original-----
De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En
nombre de Erin Carroll
Enviado el: Lunes, 14 de Julio de 2008 05:34 p.m.
Para: Jack C
CC: pen-test () securityfocus com
Asunto: Re: Client DDoS requests, ideas?

On Mon, 14 Jul 2008, Jack C wrote:

I can't tell from your message whether you take "smurf-like" to mean 
any type of amplification, or just that specific broadcast-address 
attack. If you aren't against amplification via third party machines, 
an other simple method is to spoof large DNS requests with the 
src-addr of the machine to be attacked. I wrote a script to do this a
while ago if you need it.

Yes, I meant any kind of amplification. Though I would be interested in
seeing your script :)


If your message is asking how to fill a pipe larger than yours WITHOUT 
using third party machines (AND you're going for a purely 
bandwidth-based attack), you may have to sacrifice your own pipe. Ie, 
you could make a ton of requests on a non-windowing protocol (so that 
you can make more requests without waiting for the results of the 
previous) and just hammer away at large requests (DNS again comes to 
mind). It'll trash your link, but as long as the bottle neck is on 
your end it should also take their down a few notches.

Sergio's suggestion of looking into Packetstorm was interesting. I'm trying
to recall the name of a company which touted an "anti-DDoS"
product which was essentially an Akamai-like service which grew your
available bandwidth on demand to help fight off DDoS attacks. This was
circa-2002 but I'm wondering if there are service providers avaiable which
offer load testing services that could be leveraged to simulate DDoS for
clients.


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


__________ NOD32 3266 (20080714) Information __________

This message was checked by NOD32 antivirus system.
http://www.eset.com



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]