[182641] in North American Network Operators' Group
Re: DDOS Simulation
daemon@ATHENA.MIT.EDU (Brett Watson)
Tue Jul 28 21:28:42 2015
X-Original-To: nanog@nanog.org
From: Brett Watson <brett@the-watsons.org>
In-Reply-To: <CAJL_ZMOd-68J3CneCkjirHUNSU8XvxRFaRYsxk7ELOzEKtKWqQ@mail.gmail.com>
Date: Tue, 28 Jul 2015 21:28:02 -0400
To: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
> On Jul 28, 2015, at 9:05 PM, jim deleskie <deleskie@gmail.com> wrote:
>=20
> If anyone offers to "test" your DDoS devices across a network that you =
do
> not 100% own, you are risking legal issues.
>=20
> If they offer to test it across your own network, make sure you have =
in
> writing from you upper management that they understand the risk and =
approve
> it.
>=20
> If you choose to do it anyway then you are taking a LARGE risk.
>=20
>=20
> Testing should be in your lab and even then you should understand 100% =
what
> is happing to avoid leaking attack traffic into the internet.
in a previous job (we did ddos mitigation) customer asked all the time =
for simulation, and typically live across the internet. for all the =
reasons noted, we didn=E2=80=99t do it, but instead would do a lab/POC =
with pcaps replayed from previous attacks we had mitigated to show the =
customer how our platform worked, how we handled incident response, etc.=20=
agree with all comments about NOT doing it over the internet, that way =
lies madness.
-b=
