AW: DDos within a pentest

From: Julian Totzek (julian.totzek@bristol.de)
Date: Tue May 10 2005 - 03:13:54 EDT

• Next message: Joachim Schipper: "Re: Filtering email headers generated from internal network (Sensible?)"
• Previous message: Kyle Maxwell: "Re: Filtering email headers generated from internal network (Sensible?)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Thierry

>
> Considering this :
> JT> I don’t want to get a bandwidth overload, I just want
> JT> to show that the server is not able to handle all the syn packets.
>
> I don't understand this :
> JT> We only have a 2Mbit line here in the office, so if I need to
> JT> flood a 10Mbit line there will not be enough packets to do this,
> JT> right?
>
> If you send SYN packets to an open port with active services you won't
> need a 2mbit line to DoS a 10mbit line, except of course your into
> traffic exhaustion which your first statement however negates.

Yes, ok, you're right. Not perfectly explained. I meant if there is a customer with 100Mbit, they normally have some loadbalacer or something else so I won't get these devices flooded with our 2Mbit here. The other perspective is that nobody here can use the internet if we do a full 2Mbit floding!

• Next message: Joachim Schipper: "Re: Filtering email headers generated from internal network (Sensible?)"
• Previous message: Kyle Maxwell: "Re: Filtering email headers generated from internal network (Sensible?)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:20 EDT