[123872] in North American Network Operators' Group
RE: anti-ddos test solutions ?
daemon@ATHENA.MIT.EDU (Stefan Fouant)
Wed Mar 17 14:28:45 2010
From: "Stefan Fouant" <sfouant@shortestpathfirst.net>
To: "'Charles N Wyble'" <charles@knownelement.com>,
<nanog@nanog.org>
In-Reply-To: <4BA11C48.6000506@knownelement.com>
Date: Wed, 17 Mar 2010 12:28:03 -0600
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> -----Original Message-----
> From: Charles N Wyble [mailto:charles@knownelement.com]
> Sent: Wednesday, March 17, 2010 12:16 PM
> To: nanog@nanog.org
> Subject: Re: anti-ddos test solutions ?
>=20
> bit gossip wrote:
> > Nessus is a vulnerability scanner:
> >
> > http://www.nessus.org/nessus/
> >
> > Ixia provides a full Nessus implementation in one of its platform.
> >
>=20
> Well these days I would use http://www.openvas.org and
> http://www.metasploit.org
> for vulnerability scanning and analysis.
>=20
> However that wouldn't be a DDoS, but could certainly lead to DOS.
If you can get your hands on a PCAP from a previous attack, you could =
also use something like Bit-Twist which will allow you to manipulate =
things like the destination IP and also the transmission rate, etc. =
Pretty useful tool to include in the DDoS simulation toolbox.
http://bittwist.sourceforge.net/
Stefan Fouant, CISSP, JNCIE-M/T
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
