In the past I had to do several DoS security audits, with múltiples types of tests and intensities. Sometimes several DDoS protections were present like Akamai for static content, and Arbor for absorb part of the bandwith.
One consideration for the DoS/DDoS tools is that probably it will loss the control of the attacker host, and the tool at least has to be able to stop automatically with a timeout, but can also implement remote response checks.
In order to size the minimum mbps needed to flood a service or to retard the response in a significant amount of time, the attacker hosts need a bandwith limiter, that increments in a logarithmic way up to a limit agreed with the customer/isp/cpd.
There are DoS tools that doesn't have this timeouts, and bandwith limit based on mbps, for that reason I have to implement a LD_PRELOAD based solution: bwcontrol
Although there are several good tools for stressing web servers and web aplications like apache ab, or other common tools used for pen-testing, but I also wrote a fast web flooder in c++ named wflood.
As expected the most effective for taking down the web server are the slow-loris, slow-read and derivatives, few host were needed to DoS an online banking.
Remote attacks to database and highly dynamic web content were discarded, that could be impacted for sure.
I did another tool in c++ for crafting massive tcp/udp/ip malformed packets, that impacted sometimes on load balancers and firewalls, it was vulcan, it freezed even the firewall client software.
The funny thing was that the common attacks against Akamai hosts, where ineffective, and so does the slow-loris family of attacks, because are common, and the Akamai nginx webservers are well tunned. But when tried vulcan, few intensity was enough to crash Akamai hosts.
Another attack vector for static sites was trying to locate the IP of the customer instead of Akamai, if the customer doesn't use the Akamai Shadow service, it's possible to perform a HTTP Host header scan, and direct the attack to that host bypassing Akamai.
And what about Arbor protection? is good for reducing the flood but there are other kind of attacks, and this protection use to be disabled by default and in local holidays can be a mess.
Related news
- Pentest Tools Website
- Hacker Tools Online
- Install Pentest Tools Ubuntu
- Hacker
- Pentest Tools For Ubuntu
- Pentest Tools For Ubuntu
- Hacking Tools For Games
- Hack Tools 2019
- Computer Hacker
- Hacking Tools For Kali Linux
- Hacker Techniques Tools And Incident Handling
- Hacking Tools For Pc
- Hacker Security Tools
- Pentest Tools Online
- Hack Tools
- Hack Tools Online
- Pentest Tools Windows
- Pentest Tools Windows
- Pentest Tools Apk
- Hacker Tools Online
- Best Pentesting Tools 2018
- Hacking Tools Windows
- Hack Tools For Ubuntu
- Hacker Hardware Tools
- Hacker Tools Free
- Hacking Tools For Windows 7
- Physical Pentest Tools
- Hacks And Tools
- Pentest Recon Tools
- Hacker Tools Apk
- Github Hacking Tools
- Game Hacking
- Hacking Tools Github
- Pentest Tools Review
- Hacking Tools For Games
- Hack Tools 2019
- Pentest Tools For Ubuntu
- Pentest Tools Apk
- Hack Tools For Windows
- What Is Hacking Tools
- Hacking Tools Pc
- New Hacker Tools
- Usb Pentest Tools
- Pentest Tools For Ubuntu
- Hacker Tools
- Hacker Tools Apk
- Hacker Tools 2019
- Hacking Tools Pc
- What Is Hacking Tools
- Pentest Reporting Tools
- Hack Tools Mac
- Hack Tools For Pc
- Pentest Tools Website
- Pentest Tools Tcp Port Scanner
- Pentest Tools Github
- Hacking Tools Windows
- Pentest Tools For Android
- Pentest Tools Bluekeep
- New Hacker Tools
- Hacker Tools For Pc
- Black Hat Hacker Tools
- Kik Hack Tools
- Physical Pentest Tools
- Hacker Search Tools
- New Hack Tools
- Hack Tools Download
- Growth Hacker Tools
- Hacker Tools Github
- Pentest Tools Free
- Hacker Tools Software
- Hacking Tools Software
- Pentest Tools Review
- Hacker Tools 2020
- Hackrf Tools
- Best Hacking Tools 2019
- Kik Hack Tools
- Hacking Tools For Mac
- New Hacker Tools
- Hacker Tools Hardware
- Hacker Tools For Windows
- Pentest Tools Url Fuzzer
- Hacker Tools Free Download
- Pentest Tools For Windows
- Pentest Tools Tcp Port Scanner
- Nsa Hacker Tools
- Hacker Tools Github
- Hacking Tools Github
- Pentest Recon Tools
- Best Hacking Tools 2020
- Hack Apps
- Github Hacking Tools
- Pentest Tools For Ubuntu
- Hacking Tools Free Download
- Hacking Tools Windows 10
- Hacker Tools 2020
- Hacking Tools For Mac
- Hacker Tools Github
- Hacking Tools For Games
- Hacking Tools 2019
- Hacking Tools Software
- Hacker Tools Apk
- Hack Tools
- Best Hacking Tools 2020
- Hacking Tools For Windows
- Pentest Tools Kali Linux
- Best Hacking Tools 2020
- Free Pentest Tools For Windows
- Hack Tools For Pc
- Hacking Tools Kit
- Hack Rom Tools
- Top Pentest Tools
- Hack Tools
- Hacker Tools Linux
- Hacker Tools For Mac
- Hacking Tools For Windows Free Download
- Pentest Tools Online
- Hacking Tools For Games
- Pentest Tools Find Subdomains
- Hacking Tools Pc
- Pentest Tools For Ubuntu
- Beginner Hacker Tools
- Hacker Tools Hardware
- Hack Tools For Games
- New Hack Tools
- Hacking Tools Kit
- How To Install Pentest Tools In Ubuntu
- Hacker Tools
- Hacking Tools Download
- Hacker Tools Windows
- How To Hack
- Install Pentest Tools Ubuntu
- Hacker Tools List
- Hack Website Online Tool
- Hacking Tools Windows 10
- Install Pentest Tools Ubuntu
- Pentest Tools
- Hacking Tools Github
- Pentest Box Tools Download
- Hacker Tools For Windows
- Hacker
- Pentest Tools Alternative
- Hack And Tools
- Hacking Tools 2019
- Hacking Tools For Kali Linux
- Hack Tools Online
- Ethical Hacker Tools
- Termux Hacking Tools 2019
- Hacking Tools Github
- Hacking Tools Download
- Hack Tool Apk No Root
- Kik Hack Tools
- Hacker Tools Github
- Hacker Tools Online
- Hacker Hardware Tools
- Free Pentest Tools For Windows
- Pentest Tools Tcp Port Scanner
- Pentest Automation Tools
- Growth Hacker Tools
- Hack Tool Apk No Root
- Hack Website Online Tool
- Pentest Tools For Ubuntu
- Hacking Tools Mac
- Pentest Tools Subdomain
- Hack Tools Online
- Hacker Tools For Windows
- Hacking Tools Pc
- Hacker Security Tools
Nenhum comentário:
Postar um comentário