I would suggest looking at Breaking Point Systems. They have boxes that can
generate lots of traffic and they can also run exploits against the systems.
HD Moore was affiliated with this company at some point so Metasploit is
probably used for vulnerability testing.
Travis
www.theIPSGuy.com
On Wed, Mar 17, 2010 at 2:45 AM, jul jul_...@yahoo.fr wrote:
Hello nanogers,
Following the multiple thread on ddos attack, I was asking myself how
someone could test chosen solutions.
In most cases, you can't load your Internet access in the same way
attackers will (does someone have a botners with ten thousands computers
or more :) ?)
But a solution to test basic attack (synflood, slowloris, socktress,
...) with 10 to hundred computers would be interesting, so not a tool
but more a service.
Found only Parabon [1] on Google
Does someone know something similar ?
Thanks
Best regards,
Jul
Note: Please, don't forget this kind of public tests have some serious
legal impact and you need to have an agreement with your ISP/operators
to do it in most countries.
Note2: Google has a lot of answers. Most of them are about tool and
methodology, so not sure for a live test. I'm not looking for a lab
solution but real one with business acceptation (and a wise choice on
the hours of the test so front-end can be switch to maintenance mode)
[1] New grid service simulates DDoS attacks, May 2009
http://www.computerworlduk.com/technology/security-products/business-continuity/news/index.cfm?newsId=14640
--
Travis Abrams, GCIH, CISSP, etc.
www.theipsguy.com
