[123845] in North American Network Operators' Group
Re: anti-ddos test solutions ?
daemon@ATHENA.MIT.EDU (gordon b slater)
Wed Mar 17 04:08:31 2010
X-IP-MAIL-FROM: gordslater@ieee.org
From: gordon b slater <gordslater@ieee.org>
To: jul <jul_bsd@yahoo.fr>
In-Reply-To: <4BA07A6F.4010104@yahoo.fr>
Date: Wed, 17 Mar 2010 08:07:40 +0000
Cc: NANOG <nanog@nanog.org>
Reply-To: gordslater@ieee.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, 2010-03-17 at 07:45 +0100, jul dit:
> But a solution to test basic attack (synflood, slowloris, socktress,
> ...) with 10 to hundred computers would be interesting, so not a tool
> but more a service.
>
> Found only Parabon [1] on Google
>
> Does someone know something similar ?
If you have access to a large enough network in a campus-size
establishment, try booting a large room (100+) full of desktop PCs with
a live CD/USB and script (or clusterSSH) some hpings, blind netcats
(large file as input), iperfs or nmap+nmapscripting) through a _good_
switch stack. Set a low mtu on the interfaces for maximum pps.
Please remember to fully air-gap it (and the redundants) from the cloud
and the rest of the campus backbone in case you have thick fingers
entering the target - your upstream might be tempted to ring you on the
BatFone in a hurry. That gets embarrassing, as a friend of mine found
out in December last year.
Other than that, I suspect it's going to cost you for "real" kit :(
Depends how "real" you need it I guess.
Kiddies seem to be able to do it with E1/T1-sized pipes so it should at
least be better than waiting for one to come your way naturally :)
regards
Gord
--
gurgle. gurgle-splat. splat. splat. sploo-oo-oshhh = rommon
