[123870] in North American Network Operators' Group
Re: anti-ddos test solutions ?
daemon@ATHENA.MIT.EDU (Charles N Wyble)
Wed Mar 17 14:18:37 2010
Date: Wed, 17 Mar 2010 11:18:07 -0700
From: Charles N Wyble <charles@knownelement.com>
To: nanog@nanog.org
In-Reply-To: <11A32E77-458E-4D88-BEA7-7464922917F0@daork.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Nathan Ward wrote:
> Hire/buy what I know as a router tester. People call them different things.
> It's a device that generates packets,
Linux has a packet generator in the kernel as well.
More info readily available from your local search engine.
> and can normally simulate TCP etc. all the way up to HTTP etc. or higher. BGP, OSPF, MPLS, etc. etc. etc.
>
Hmmm. What about a fuzzer, or something like scapy?
> Tell it to generate packets that look like they come from many many hosts (you can normally simulate some kind of network topology with hosts in different places and hence different TTLs etc.), and viola.
> They normally let you generate background noise traffic, or you could record 24 hours of packet headers from somewhere in your network and play it back through your test network. This needs a lot of disk of course.
>
tcpreplay is great for that.
