[Noisebridge-discuss] DDoS defense testing?

Jeff Tchang jeff.tchang at gmail.com
Wed Jun 16 23:14:03 UTC 2010


This might be kind of unorthodox but one approach that would work is
to simulate a scaled down botnet:

- Figure out who your customers are. Suppose I was running a website.
I would start logging IP addresses for a few weeks, months, etc.
- I would take those IP addresses and do some analysis on them. Figure
out what networks/geographical locations my users are coming from. I
would try to aggregate the data by subnets.

- At this point I would pick the top few subnets or geographical
regions that tended to pop up. I would somehow obtain boxes with load
testing software at those locations.

- The test would help reveal load issues coming from a # of different
IPs. It would also give assurance that this is the primary customer
that would be affected in the event of a true DDoS attack.

-Jeff

On Wed, Jun 16, 2010 at 3:14 PM, Kristian Erik Hermansen
<kristian.hermansen at gmail.com> wrote:
> Moin Moin,
>
> Other than renting out an illegitimate botnet, can anyone suggest some
> ways to test how well an infrastructure is able to defend against
> specific DDoS attacks?  Commonly it is discovered that some device in
> path of the target is unable to process certain payloads or heavy
> traffic, rather than the target itself.  If anyone has suggestions, it
> would be greatly appreciated.
>
> Cheers,
> --
> Kristian Erik Hermansen
>
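
The log-analysis steps in Jeff's message (collect client IPs, aggregate them by subnet, pick the top few), sketched as an added example that is not part of the original thread. The access-log format, the /24 and /48 aggregation sizes, the function names and the sample lines are all assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample access-log lines (documentation address ranges), not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [16/Jun/2010:10:00:01 +0000] "GET / HTTP/1.1" 200 512
198.51.100.7 - - [16/Jun/2010:10:00:05 +0000] "GET /about HTTP/1.1" 200 734
198.51.100.42 - - [16/Jun/2010:10:01:13 +0000] "GET / HTTP/1.1" 200 512
203.0.113.9 - - [16/Jun/2010:10:02:44 +0000] "GET / HTTP/1.1" 200 512
2001:db8:12:1::5 - - [16/Jun/2010:10:03:02 +0000] "GET / HTTP/1.1" 200 512
2001:db8:12:9::1 - - [16/Jun/2010:10:03:30 +0000] "GET /faq HTTP/1.1" 200 901
not-an-ip - - [16/Jun/2010:10:04:00 +0000] "GET / HTTP/1.1" 400 0
"""

# Assumed aggregation granularity: /24 for IPv4, /48 for IPv6.
PREFIX = {4: 24, 6: 48}


def subnet_of(ip_text):
    """Return the enclosing network for a client address, or None if unparseable."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return None
    return ipaddress.ip_network(f"{ip}/{PREFIX[ip.version]}", strict=False)


def top_subnets(log_text, n=3):
    """Rank subnets by distinct client IPs, then by request count."""
    requests = defaultdict(int)
    clients = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if not fields:
            continue
        net = subnet_of(fields[0])
        if net is None:  # skip malformed or non-IP first fields
            continue
        requests[net] += 1
        clients[net].add(fields[0])
    ranked = sorted(requests, key=lambda k: (-len(clients[k]), -requests[k], str(k)))
    return [(str(k), len(clients[k]), requests[k]) for k in ranked[:n]]


if __name__ == "__main__":
    for net, ips, reqs in top_subnets(SAMPLE_LOG):
        print(f"{net:20} distinct_ips={ips} requests={reqs}")
```

Ranking by distinct client IPs before request count keeps one heavy client from pushing its subnet to the top of the list.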


