In the past I had to do several DoS security audits, with múltiples types of tests and intensities. Sometimes several DDoS protections were present like Akamai for static content, and Arbor for absorb part of the bandwith.
One consideration for the DoS/DDoS tools is that probably it will loss the control of the attacker host, and the tool at least has to be able to stop automatically with a timeout, but can also implement remote response checks.
In order to size the minimum mbps needed to flood a service or to retard the response in a significant amount of time, the attacker hosts need a bandwith limiter, that increments in a logarithmic way up to a limit agreed with the customer/isp/cpd.
There are DoS tools that doesn't have this timeouts, and bandwith limit based on mbps, for that reason I have to implement a LD_PRELOAD based solution: bwcontrol
Although there are several good tools for stressing web servers and web aplications like apache ab, or other common tools used for pen-testing, but I also wrote a fast web flooder in c++ named wflood.
As expected the most effective for taking down the web server are the slow-loris, slow-read and derivatives, few host were needed to DoS an online banking.
Remote attacks to database and highly dynamic web content were discarded, that could be impacted for sure.
I did another tool in c++ for crafting massive tcp/udp/ip malformed packets, that impacted sometimes on load balancers and firewalls, it was vulcan, it freezed even the firewall client software.
The funny thing was that the common attacks against Akamai hosts, where ineffective, and so does the slow-loris family of attacks, because are common, and the Akamai nginx webservers are well tunned. But when tried vulcan, few intensity was enough to crash Akamai hosts.
Another attack vector for static sites was trying to locate the IP of the customer instead of Akamai, if the customer doesn't use the Akamai Shadow service, it's possible to perform a HTTP Host header scan, and direct the attack to that host bypassing Akamai.
And what about Arbor protection? is good for reducing the flood but there are other kind of attacks, and this protection use to be disabled by default and in local holidays can be a mess.
Related posts
- Pentest Tools Open Source
- Pentest Tools List
- Hack Tool Apk
- Tools 4 Hack
- Hacker Tools Hardware
- Hacker Tools
- Hacking Tools 2020
- Pentest Tools Port Scanner
- Pentest Tools Nmap
- What Are Hacking Tools
- Hacking Tools Github
- Hack Tools For Mac
- Nsa Hack Tools
- Pentest Tools
- Hacker Tools Linux
- Pentest Tools Tcp Port Scanner
- Hackrf Tools
- Hack Tools Github
- Tools Used For Hacking
- Hacker Tools Windows
- Hacking Tools Mac
- Physical Pentest Tools
- Hack App
- Hacking Tools Hardware
- World No 1 Hacker Software
- Hacker Tools For Windows
- Hacking Tools Pc
- Pentest Tools Port Scanner
- Physical Pentest Tools
- Pentest Tools Free
- Hacking Tools Github
- Hack Tools Pc
- Physical Pentest Tools
- Pentest Tools For Android
- Hack And Tools
- Hacker Tools Free
- Pentest Tools Kali Linux
- Wifi Hacker Tools For Windows
- Hack Tool Apk No Root
- How To Install Pentest Tools In Ubuntu
- Hack Tools Pc
- Hacking Tools For Pc
- What Is Hacking Tools
- Hacking App
- Hack Tools For Games
- Hacker Techniques Tools And Incident Handling
- Hacking Tools 2020
- Pentest Box Tools Download
- Hacking Tools Online
- Hacker Tools Windows
- Android Hack Tools Github
- Pentest Tools Download
- New Hack Tools
- Pentest Tools Apk
- What Are Hacking Tools
- Pentest Tools Website
- New Hacker Tools
- Pentest Tools Subdomain
- Hackers Toolbox
- Hacker Hardware Tools
- Hackrf Tools
- Pentest Tools Website
- Hack Tools
- New Hack Tools
- Hacker Tools Windows
- Hacker Tools For Ios
- Hack App
- Hacking Tools For Games
- Hacking Tools 2019
- Pentest Tools Android
- Hacker Tools Apk
- Top Pentest Tools
- Hacking Tools Github
- Hacking Tools Online
- Pentest Tools
- Hack Tools Mac
- Black Hat Hacker Tools
- Hack Rom Tools
- Hackers Toolbox
- Pentest Automation Tools
- Pentest Automation Tools
- Hack Tools For Ubuntu
- Pentest Tools Android
- Hack Tools Pc
- Underground Hacker Sites
- Hacker
- Hacking Tools Name
- Hacking Tools Windows
- Hacking Tools For Games
- Hacking App
- Ethical Hacker Tools
- Hack And Tools
- Hacker Tools Linux
- Hack Tools
- How To Make Hacking Tools
- Tools 4 Hack
- Hacker Techniques Tools And Incident Handling
- Hacking Tools Github
- Hack Apps
- Bluetooth Hacking Tools Kali
- Blackhat Hacker Tools
- Hacker Tools For Mac
- Hack Tools Download
- Pentest Tools Tcp Port Scanner
- Nsa Hack Tools
- Hacker Search Tools
- Pentest Tools For Ubuntu
- Termux Hacking Tools 2019
- Top Pentest Tools
- Pentest Tools Subdomain
- Nsa Hacker Tools
- Hacker Security Tools
- Pentest Box Tools Download
- Pentest Tools Kali Linux
- Hacker Tools Free Download
- Android Hack Tools Github
- Hack Tools For Games
- Hacking Tools For Windows 7
- Hacking Tools Software
- Pentest Tools Framework
- Pentest Tools Website Vulnerability
- How To Hack
- What Are Hacking Tools
- Hacking Tools Download
- Termux Hacking Tools 2019
- Free Pentest Tools For Windows
- Hackers Toolbox
- Hacker Tools Online
- Pentest Tools Nmap
- Hacker Tools Free
- New Hack Tools
- Hack Tools For Games
- Hack Tools Github
- Hacking Tools Github
- Pentest Tools For Ubuntu
- Hacking Tools Download
- Hacker Tools Github
- Bluetooth Hacking Tools Kali
- Hack Tools For Ubuntu
- Pentest Tools Url Fuzzer
- Pentest Tools Github
- Hacking Tools For Windows
- Hacking Tools Pc
- Install Pentest Tools Ubuntu
- Hacker Tools For Pc
- Hacker Techniques Tools And Incident Handling
- Black Hat Hacker Tools
- Pentest Tools Windows
- Pentest Tools Apk
- Hack Tool Apk No Root
- Hacking Tools Usb
- Hacker Techniques Tools And Incident Handling
- Hacking Tools Software
- Underground Hacker Sites
- Pentest Tools Find Subdomains
- Hacking Tools For Windows
Commentaires
Enregistrer un commentaire