January 8th, 2002 01:59 PM
Simulate DDos attacks on network
I want to set up a network and simulate DDos attacks on it. I don't have 500 computers to upload sub7 to, so are there any alternatives?
What I want to investigate is if there are any types of routers or network infrastructure that will stop or minimize the damages of DDos attacks.
January 8th, 2002 02:34 PM
Yup, get a couple of dozen machines and install linux on them. Login/Su as Root, then issue the command: ping -f -s 65507 your.tar.get.host
The -f command under linux causes a flood of pings. It does not report the time it takes for the packet to answer back, it doesn't care. It's basically there just to flood the network with packets, in order to see where any faults may lie.
The -s 65507 part sets a packet size of 65507 bytes (the largest permitted by the ping program).
This will simulate a small ICMP on Windows-based DoS of about 25-35 machines (my estimation). If that doesn't read clear enough: a dozen linux boxes using ping -f -s 65507 is roughly equivalent to 25-35 windows boxes using ping -l 65500 -t -w 0
Other than that, there's nothing really easy to do it with.
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
January 8th, 2002 03:04 PM
That's a good piece of advice! I guess I could borrow a load of old pc's from somewhere. It's not gonna be easy borrowing a big enough car, though....
January 10th, 2002 11:45 PM
A linux box running LaBrea will reduce the total amount of traffic sent at you by 80% in my tests. It just depends on the type of DDos you run into. Just an FYI
Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
- Samuel Johnson