In the past I had to do several DoS security audits, with mĂșltiples types of tests and intensities. Sometimes several DDoS protections were present like Akamai for static content, and Arbor for absorb part of the bandwith.
One consideration for the DoS/DDoS tools is that probably it will loss the control of the attacker host, and the tool at least has to be able to stop automatically with a timeout, but can also implement remote response checks.
In order to size the minimum mbps needed to flood a service or to retard the response in a significant amount of time, the attacker hosts need a bandwith limiter, that increments in a logarithmic way up to a limit agreed with the customer/isp/cpd.
There are DoS tools that doesn't have this timeouts, and bandwith limit based on mbps, for that reason I have to implement a LD_PRELOAD based solution: bwcontrol
Although there are several good tools for stressing web servers and web aplications like apache ab, or other common tools used for pen-testing, but I also wrote a fast web flooder in c++ named wflood.
As expected the most effective for taking down the web server are the slow-loris, slow-read and derivatives, few host were needed to DoS an online banking.
Remote attacks to database and highly dynamic web content were discarded, that could be impacted for sure.
I did another tool in c++ for crafting massive tcp/udp/ip malformed packets, that impacted sometimes on load balancers and firewalls, it was vulcan, it freezed even the firewall client software.
The funny thing was that the common attacks against Akamai hosts, where ineffective, and so does the slow-loris family of attacks, because are common, and the Akamai nginx webservers are well tunned. But when tried vulcan, few intensity was enough to crash Akamai hosts.
Another attack vector for static sites was trying to locate the IP of the customer instead of Akamai, if the customer doesn't use the Akamai Shadow service, it's possible to perform a HTTP Host header scan, and direct the attack to that host bypassing Akamai.
And what about Arbor protection? is good for reducing the flood but there are other kind of attacks, and this protection use to be disabled by default and in local holidays can be a mess.
Related news
- Hack And Tools
- New Hacker Tools
- Nsa Hack Tools
- Hacking Tools Kit
- World No 1 Hacker Software
- Pentest Tools Website
- Pentest Tools Windows
- Hacking Tools Name
- Pentest Tools Url Fuzzer
- Hacker Tools For Ios
- Hack Apps
- Hacking Tools And Software
- Hacker Security Tools
- Pentest Recon Tools
- Hacking Tools Hardware
- Hack Tool Apk
- Underground Hacker Sites
- Hacker Tools 2019
- Hacking Tools 2020
- Pentest Tools For Mac
- Hack Tools
- Hacker Tools Apk Download
- Hacking Tools For Windows 7
- How To Install Pentest Tools In Ubuntu
- Pentest Tools For Ubuntu
- Nsa Hack Tools
- Hacking Tools Kit
- Hacks And Tools
- Hacker Tool Kit
- Pentest Tools Website Vulnerability
- Hacking Tools Software
- Hacker Tools List
- Hacking Tools For Kali Linux
- Pentest Tools Download
- Pentest Tools Windows
- Pentest Tools Website Vulnerability
- Hacker Tools For Pc
- Pentest Tools Port Scanner
- Pentest Tools For Android
- Easy Hack Tools
- Hacking Tools Github
- Hacker Hardware Tools
- Hacker Security Tools
- Hacking Tools For Windows
- Game Hacking
- How To Install Pentest Tools In Ubuntu
- Termux Hacking Tools 2019
- Hack Tools Mac
- Hacking Tools For Pc
- Hack Tools Download
- Hacking Tools Free Download
- Bluetooth Hacking Tools Kali
- Pentest Tools List
- Hack Tools For Mac
- New Hacker Tools
- Pentest Tools Website
- Pentest Box Tools Download
- Pentest Tools Port Scanner
- Hacking App
- Easy Hack Tools
- Best Pentesting Tools 2018
- Hacks And Tools
- Hack Rom Tools
- Hacking Tools For Beginners
- Pentest Box Tools Download
- New Hacker Tools
- Free Pentest Tools For Windows
- Pentest Tools For Mac
- Pentest Tools Apk
- Free Pentest Tools For Windows
- Hacker Techniques Tools And Incident Handling
- Hack Tools For Ubuntu
- Hacker Hardware Tools
- Hacking Tools Software
- What Are Hacking Tools
- Hacker Techniques Tools And Incident Handling
- Hacker Tools Windows
- Hacking Tools Online
- Kik Hack Tools
- Beginner Hacker Tools
- Hack Tools Mac
- World No 1 Hacker Software
- Pentest Tools For Android
- Hacker Tools Apk Download
- What Are Hacking Tools
- Nsa Hack Tools
- Hack Tools
- Hacking Tools Kit
- Pentest Tools Subdomain
- Hacking Tools Free Download
- Blackhat Hacker Tools
- Top Pentest Tools
- Hackers Toolbox
- Hacking Tools Free Download
- Physical Pentest Tools
- Hacking Tools For Windows
- Underground Hacker Sites
- Hacker Tool Kit
- Usb Pentest Tools
- New Hacker Tools
- Best Hacking Tools 2019
- Hack Tools For Mac
- Pentest Tools
- Hack Tools For Pc
- Hack Tools For Ubuntu
- Game Hacking
- Pentest Tools Tcp Port Scanner
- Hacking Tools Github
- Game Hacking
- Computer Hacker
- Hacking Tools For Windows 7
- Github Hacking Tools
- Hack Tools Online
- Hacks And Tools
- Hacker Tools Hardware
- Nsa Hack Tools
- Pentest Automation Tools
- Hacking Tools For Games
- Install Pentest Tools Ubuntu
- Hacking Tools Github
- Easy Hack Tools
- Hacker Hardware Tools
- Hackers Toolbox
- Android Hack Tools Github
- Pentest Tools For Mac
- Hack Tool Apk
- Hacker Tools Free
- Hackrf Tools
- Beginner Hacker Tools
No comments:
Post a Comment