From: mike@genxweb.net
Date: Tue Jan 11 2005 - 12:25:09 EST
Quoting Jerry Shenk <jshenk@decommunications.com>:
> How hard do you have to hit them to for the mitigation device to kick
> in. It seems that you should be able to generate enough traffic with
> nmap although nmap really isn't designed for creating a DOS. What you
> really ought to do is approach this scientifically....find out the
> thresholds and then generate just over that amount of traffic. If it
> trips on xx connections per minute, tune nmap's parameters to go that
> high. There is a GUI front end for Windows...I think, never used it.
> You might try a SYN scan because that would leave the connection open.
>
> Or is the mitigation device designed to kick clients off only if the
> server starts to stumble? If that's the case and you can use Linux
> tools, you might try hping to just crank though opening port 80
> connections as fast as it can. ISIC was mentioned here a week or so ago
> (http://www.packetfactory.net/projects/ISIC/isic-0.06.tgz) of course,
> that's Linux too.
>
Hum I am suprised or maybe I have over looked it but I did not see any one
suggesting any of the live bootable linux distributions for him to use on those
windows test servers. In his last comment he mentioned he could not find
wintrino or another app a user suggested so he was going to look on the p2p
software for it. If he is willing to isntall wintrino from a p2p file, I don't
think those servers are to critical and could be rebooted for the testing. Once
he uses the live distro he can then use the tools on there or download and
compile other attack tools.
Here are some suggestions: Knoppix STD, Commander, PHALK, and Whoppix. There are
many otehrs out there.
Hope this helps some what
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:12 EDT