[182717] in North American Network Operators' Group
Re: DDOS Simulation
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Thu Jul 30 12:13:04 2015
X-Original-To: nanog@nanog.org
To: alvin nanog <nanogml@Mail.DDoS-Mitigator.net>
In-Reply-To: Your message of "Wed, 29 Jul 2015 12:38:18 -0700."
<20150729193818.GA32446@Mail.DDoS-Mitigator.net>
From: Valdis.Kletnieks@vt.edu
Date: Thu, 30 Jul 2015 12:12:52 -0400
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
--==_Exmh_1438272772_2156P
Content-Type: text/plain; charset=us-ascii
On Wed, 29 Jul 2015 12:38:18 -0700, alvin nanog said:
> On 07/29/15 at 05:47am, Roland Dobbins wrote:
> > On 29 Jul 2015, at 5:19, alvin nanog wrote:
> > >and all the other ISP's routers along the way that had to transport
> > >those gigabyte/terabyte of useless ddos packets
> >
> > No company can provide a 'get out of jail card' for illegal activities,
> > irrespective of how they arrange their paperwork.
>
> oopps, maybe a "misunderstanding" ... it's an old "be careful euphomism(sp?)
> and not meant as "literal get out of jail" ( from monopoly game too )
You may indeed need a "get out of jail" card if one of those "all the other
ISPs along the way" decides to make an issue of it. The company you're working
with can only promise that *they* won't press charges. What their upstream
decides to do is out of their control.
> if i had to pick only one command for the ddos tests .... i'd simply
> flood the wire .. everything is now offline ( should be un-responsive )
> nping "send 100,000 packets/sec" x 65,000byte/packet 192.168.0.0/16
That will only send out packets as fast as your single pipe can send, which
will probably *not* make everything unresponsive. Hint - only (roughly) one out
of every 65,635 packets will be pointed at the host at 198.168.5.16, for
example - and I would *hope* that said host can handle an added 65K packet
every 0.6 seconds or so...
Oh, and line speed for a 10G connection is 155K 64K packets per second, so
your command won't even fill *one* computer's pipe.
--==_Exmh_1438272772_2156P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Exmh version 2.5 07/13/2001
iQIVAwUBVbpNBAdmEQWDXROgAQJ1LQ/7BgoLL00yycXbO2x57mYWk491l4adQ473
1k9zCfMI9EquXeFIfvBt9fuIFnVmMaTZKSvVu9KoY879cY5pYKuewA/PuL7FnVYo
EaPJszAIMr5xxfuSsxPR8KTfcE9om/UFmAEd58sRmhhczb7ZKYqzVyVeR+5JDrj/
i4DKlDdcDqy2WiztAKMCB99XyQXxXd2GQuYqhQoMpNhmTokokJz93Gqk6urx//xN
1Crj1trPe1SgbdHxJDbEwp9WM5c1zlwYg59ORT7vYUUYdN5REJC5qg8DLx83SMGB
5UbDQQZjch8XF5xmvIM6cd62tVF5HuQsCjc/aME2Wys+OP39KPS4+zH7MfMiLxDP
XZJzOq2acHYELWQe4JvGPzhWZF1f9vOp5MJx0iOkTbypVn0mV1MUAIBYwqLTTMH6
ZVS5St7rcRTwK827L1q9O9q/QE1iydt6ojVU2Y8Q8RMsXioS/LtDME9bbFBHj41B
yittONBAzD2Rs+qXo/0tipDpd8UeLMj73T55WI3djQTyUYCvHUq4MTUf2VCHVbUg
FPW5BBlebb3f24m2lfpzipg6kxzUXrjIN0T9malqkAqLMRmmk/CeDxGRHu1MscVR
ezFU99jaNdTFM+olxsupS6k6pVrd8z1Je+4venDZRP7l519g67PDSZe/XSEFzmA5
zoi/PioLtg4=
=2h0s
-----END PGP SIGNATURE-----
--==_Exmh_1438272772_2156P--
