Guest Deleted_Account Posted September 21, 2010 Share Posted September 21, 2010 I was just hired by a company to test there servers, and yes I realize this sounds a bit like "omg how can i hackz0rs my gfs gmail" but honestly they want to see if they can survive a Dos attack (against a Virtual server representing their real one and not the real one for obvious reasons). Now I have never done a Dos well except against friends with batch files :P So i was wondering how would you test this? Something like LOIC (low-orbit Ion Cannon) or is there a simulator/assessment for this type of attack? Google hasn't helped much except for the "l33t haks" stuff. Quote Link to comment Share on other sites More sharing options...
Sparda Posted September 21, 2010 Share Posted September 21, 2010 Define survive please. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted September 21, 2010 Share Posted September 21, 2010 Define survive please. I think he means, how much traffic can their servers will sustain if it gets hit by a DOS attack. Quote Link to comment Share on other sites More sharing options...
Guest Deleted_Account Posted September 21, 2010 Share Posted September 21, 2010 I think he means, how much traffic can their servers will sustain if it gets hit by a DOS attack. Exactly. They want to be sure something like what happened to the MPAA can't happen to them (at least as easily). normal methods (Batch/shell scripts) aren't doing much of anything (not a surprise as 1 computer against a protected server isnt much at all). What I am looking for is a way to simulate a DDOS attack on a Virtual Server. or at least asses how vulnerable the server may be. Quote Link to comment Share on other sites More sharing options...
Netshroud Posted September 21, 2010 Share Posted September 21, 2010 Give it a public IP and piss off 4chan? Quote Link to comment Share on other sites More sharing options...
Guest Deleted_Account Posted September 21, 2010 Share Posted September 21, 2010 Give it a public IP and piss off 4chan? lol :P well that may have some adverse side effects :P Quote Link to comment Share on other sites More sharing options...
Mr. Stuky Posted September 21, 2010 Share Posted September 21, 2010 I've Always wanted to test this aswell on my Dedi Machine. Anyone care to show us how? NOTE: Won't be used for Harm. Testing Purposes ONLY. Ty. Quote Link to comment Share on other sites More sharing options...
VaKo Posted September 21, 2010 Share Posted September 21, 2010 You would either need to buy or create your own bot net to replicate a DDOS attack without great cost. Quote Link to comment Share on other sites More sharing options...
Sparda Posted September 21, 2010 Share Posted September 21, 2010 Unplug the server, did the business survive the DoS? Quote Link to comment Share on other sites More sharing options...
VaKo Posted September 21, 2010 Share Posted September 21, 2010 In my experience you can configure Apache to survive some types of DDOS attempt by giving it thousands of worker processes with no keep-alive. But its going swap like a bastard and barely function. Quote Link to comment Share on other sites More sharing options...
Guest Deleted_Account Posted September 27, 2010 Share Posted September 27, 2010 Ironically After testing this with python scripts I made it turns out his Security (some IDS/IPS Can't remember the name) decides if it can't stop or "survive" the threat it blocks ALL internet activity. And this means as long as a big DDOS is running it doesn't have to crash a server or anything as the security software blocks everything it self once triggered and thus causes its own DOS. I had to laugh at that. LOL Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted September 28, 2010 Share Posted September 28, 2010 (edited) Surviving a DOS attack can be extremely difficult, the only way you can minimize a dos attack is having a very powerful hardware and some kind of load balancer in place, to reduce the load on the line. Edited September 28, 2010 by Infiltrator Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.