In the past I had to do several DoS security audits, with multiple types of tests and intensities. Sometimes several DDoS protections were present, like Akamai for static content and Arbor to absorb part of the bandwidth.
One consideration for DoS/DDoS tools is that control of the attacker host will probably be lost, so the tool at least has to be able to stop automatically with a timeout, but it can also implement remote response checks.
In order to size the minimum Mbps needed to flood a service or to delay the response by a significant amount of time, the attacker hosts need a bandwidth limiter that increments in a logarithmic way up to a limit agreed with the customer/ISP/data center.
There are DoS tools that don't have these timeouts or a bandwidth limit based on Mbps; for that reason I had to implement an LD_PRELOAD-based solution: bwcontrol.
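The safety envelope described above (timeout, response checks, logarithmic ramp to an agreed cap) can be expressed as a small governor that only computes budgets and sends nothing. This is an added example, not the code of bwcontrol; the class name `RampGovernor`, the curve `log(1+t)/log(1+ramp)` and the "stop after N failed response checks" rule are assumptions.

```python
import math


class RampGovernor:
    """Safety envelope for an agreed test: log ramp, hard cap, latched auto-stop."""

    def __init__(self, cap_mbps, ramp_seconds, timeout_seconds, max_failed_checks=3):
        if min(cap_mbps, ramp_seconds, timeout_seconds, max_failed_checks) <= 0:
            raise ValueError("all limits must be positive")
        self.cap_mbps = cap_mbps              # ceiling agreed with the customer
        self.ramp_seconds = ramp_seconds      # time at which the ceiling is reached
        self.timeout_seconds = timeout_seconds
        self.max_failed_checks = max_failed_checks
        self.failed_checks = 0
        self.tripped = False

    def record_check(self, target_responded):
        """Feed one remote response check (assumed: a probe of the tested service)."""
        self.failed_checks = 0 if target_responded else self.failed_checks + 1
        if self.failed_checks >= self.max_failed_checks:
            self.tripped = True  # latched: a later good check does not resume the test

    def should_stop(self, elapsed):
        """True once the timeout has passed or the response checks have tripped."""
        return self.tripped or elapsed < 0 or elapsed >= self.timeout_seconds

    def allowed_mbps(self, elapsed):
        """Rate ceiling in Mbps at `elapsed` seconds; 0 once the test must stop."""
        if self.should_stop(elapsed):
            return 0.0
        # Assumed curve: logarithmic growth that reaches the cap at ramp_seconds.
        frac = math.log1p(elapsed) / math.log1p(self.ramp_seconds)
        return self.cap_mbps * min(1.0, frac)

    def byte_budget(self, elapsed, interval):
        """Bytes permitted during the next `interval` seconds (1 Mbps = 10**6 bit/s)."""
        return int(self.allowed_mbps(elapsed) * 1_000_000 / 8 * interval)
```

Because the stop condition is evaluated locally from elapsed time, the ceiling drops to zero at the timeout even if the operator has lost access to the host.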
There are several good tools for stressing web servers and web applications, like Apache ab or other common tools used for pen-testing, but I also wrote a fast web flooder in C++ named wflood.
As expected, the most effective for taking down the web server are slow-loris, slow-read and derivatives; few hosts were needed to DoS an online banking service.
Remote attacks on the database and on highly dynamic web content were discarded; those could be impacted for sure.
I wrote another tool in C++ for crafting massive amounts of malformed TCP/UDP/IP packets, which sometimes impacted load balancers and firewalls. It was vulcan, and it froze even the firewall client software.
The funny thing was that the common attacks against Akamai hosts were ineffective, and so was the slow-loris family of attacks, because they are common and the Akamai nginx web servers are well tuned. But when I tried vulcan, low intensity was enough to crash Akamai hosts.
Another attack vector for static sites was trying to locate the IP of the customer instead of Akamai's. If the customer doesn't use the Akamai Shadow service, it's possible to perform an HTTP Host header scan and direct the attack at that host, bypassing Akamai.
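On the defending side, the origin's own access log shows whether this bypass is open: any request whose peer address is outside the CDN's egress ranges reached the origin directly. The following audit is an added example, not part of the original post; the log layout, the CIDR ranges (documentation prefixes) and all names are constructed assumptions.

```python
import ipaddress

# Constructed placeholders: the real egress ranges come from the CDN provider.
CDN_RANGES = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "2001:db8:cd::/48")]

# Constructed origin access-log lines: "<peer-ip> <host-header> <status> <path>"
SAMPLE_LOG = """\
198.51.100.17 www.example.com 200 /index.html
203.0.113.50 www.example.com 200 /index.html
203.0.113.50 shop.example.com 200 /
203.0.113.50 intranet.example.com 404 /
2001:db8:cd::9 www.example.com 200 /style.css
192.0.2.77 www.example.com 200 /login
not-an-ip www.example.com 400 /
"""


def from_cdn(peer):
    """True if `peer` (string) is inside a CDN range; ValueError if it is not an IP."""
    ip = ipaddress.ip_address(peer)
    return any(ip.version == net.version and ip in net for net in CDN_RANGES)


def audit_origin_log(text):
    """Return (direct_hits, hosts_by_peer) for requests that did not come via the CDN."""
    direct_hits, hosts_by_peer = [], {}
    for lineno, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if len(parts) != 4:
            continue  # not in the assumed layout
        peer, host, _status, path = parts
        try:
            if from_cdn(peer):
                continue
        except ValueError:
            continue  # malformed peer field: skip it rather than abort the audit
        direct_hits.append((lineno, peer, host.lower(), path))
        hosts_by_peer.setdefault(peer, set()).add(host.lower())
    # One peer asking for several Host names directly is worth a closer look.
    return direct_hits, {p: sorted(h) for p, h in hosts_by_peer.items()}
```

A non-empty result means the origin answers clients other than the CDN; restricting inbound traffic at the origin to the CDN ranges closes the path the log exposes.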
And what about Arbor protection? It is good for reducing the flood, but there are other kinds of attacks, and this protection is usually disabled by default, and during local holidays it can be a mess.