Hello! I would like to recommend MoonGen for generating very high speed attacks (I have generated up to 56 mpps/40GE with it).
There are another open project: quezstresser.com On Mon, Jul 27, 2015 at 11:25 PM, alvin nanog <nano...@mail.ddos-mitigator.net> wrote: > > hi dovid > > On 07/27/15 at 11:32am, Dovid Bender wrote: >> We are looking into a few different DDOS solutions for a client. We need a >> LEGITIMATE company that can simulate some DDOS attacks (the generic + >> specific to the clients business). Anyone have any recommendations? > > i've compiled a fairly comprehensive list is here: > > - http://ddos-mitigator.net/Competitors > > simulating ddos attacks are fairly easy to do, except one does > have to be careful of process and proceedure and the all important > "get out of jail for free" card ( let your local ISP techie's know too ) > > http://DDoS-Simulator.net/Demo > ( wrapper gui around *perf/nc/nmap/*ping command options ) > > ddos mitigation is not a "single thing-a-ma-jig", and should > be multi-layered, different solutions solving different DDoS issues > > http://ddos-solutions.net/Mitigation/#Howto > - how are they attacking > - who is attacking ( script kiddie vs master of deception ) > - what are they attacking > - when are they attacking > - why are they attacking > - ... > > # --------------------------------------------- > # what kind of simulations are you trying to do ?? > # --------------------------------------------- > - volumetric attacks say 10gigabit vs 200gigabit attacks is trivial > - ping flood, udp flood, arp flood, tcp flood, etc, etc > > local appliances with 10/100 gigabit NIC cards should be able to > generate close to 100 gigabit/sec of ddos attacks > > - udp and icmp attacks are harder to mitigate, since those packets > need to be stopped at the ISP .... if it came down the wire to > the local offices, it already used the bandwidth, cpu, memory, > time, people, etc, etc > > - tcp-based ddos attacks are trivial ( imho ) to defend against with > iptables + tarpits > if each tcp connection takes 2K bytes, the DDoS attacker > that is intent on sending large quantity of tcp-based packets > would incur a counter ddos attack using up its own kernel > memory > > 100,000 tcp packet/sec * 2K byte --> 200M /sec of kernel memory > > ?? with tcp timeout of 2 minutes implies they'd need 24TB of > ?? kernel memory to sustain a 100,000 tcp packet/sec attack > > # live demo of tarpit incoming ddos attacks > http://ddos-mitigator.net/cgi-bin/IPtables-GUI.pl > http://target-practice.net/cgi-bin/IPtables-GUI.pl > > # command line options is 100x faster and easier than html > > # to automatically add new incoming ddos attackers > iptables-gui -doadd -addauto > > # to automatically remove inactive ddos attackers > iptables-gui -dodel -deluto > > ssh based solutions are nice but only works on port 22 > http based solutions are nice but only works on port 80 > > there are 65,533 other ports to defend against DDoS attacks > which is defensible with tarpit > > - it is trivial to generate attacks against apache or web browser > - it is trivial to generate attacks against sendmail or mail reader > > - netcat/socat/nc, hping*, nping, etc, etc > - something that you can define source and destination IP# > - something that you can define source and destination port# > > - it is harder to generate the various malformed tcp headers > > - gui to help set tcp header flags and options for nmap/hping > - http://ddos-simulator.net/Demo/ > > - spam, virii and worms seems to be in its own category > > - another important question for your clients is if they are under > any govermental regulations which will limit their choices of solutions > - hippa, pci, sox, etc > > inhouse ddos solutions should not have any governmental compliance > issues > > cloud based ddos solutions and their facilities would have to > comply with the various govermental issues > > both inhouse and cloud based solutions solve some problems > > another 32+ point comparison for inhouse vs cloud based solutions > - http://ddos-mitigator.net/InHouse-vs-Cloud > > thanx > alvin > - http://ddos-mitigator.net > - http://ddos-simulator.net > -- Sincerely yours, Pavel Odintsov
