DDos within a pentest

From: Julian Totzek (julian.totzek@bristol.de)
Date: Fri May 06 2005 - 03:44:11 EDT


Hi group,

within a pentest we trying to offer the possibility of a DDos Foold for our customers. I know there are many tools to do a flood from a single PC, but all of these tools just send as many syn's as the can. Does anybody know a tool where I'm able to limit the bandwidth? I don’t want to get a bandwidth overload, I just want to show that the server is not able to handle all the syn packets.

An other question is from where would I start such a attack? We only have a 2Mbit line here in the office, so if I need to flood a 10Mbit line there will not be enough packets to do this, right? Maybe there is a provider out there who already offers this service!

The third question is what will be the side effects if I send packets with spoofed sources? As you all know I don't a answer to my packets, but would it be a DDos to all spoofed sources then? How can you ensure that only the main target is getting flooded?

Best regards

Julian Totzek

THE BRISTOL GROUP Deutschland GmbH
Robert-Bosch-Straße 11
63225 Langen
Telefon +49 (0) 6103 20 55 300
Telefax +49 (0) 6103 70 27 87
Emergency Phone 0190/858 979 000 (1,86€/min)
julian.totzek@bristol.de
www.bristol.de

HTTPS, HTTP, SMTP, IMAP, POP3 und FTP
Kostenloser 14-Tage-Test einer CP Secure Antivirus Appliance
http://www.bristol.de/testing.htm



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:20 EDT