hi dovid On 07/28/15 at 02:31pm, Dovid Bender wrote:
We are looking for a company that can launch a DDOS attack against the solutions we are testing. I don't want a proof of concept from the company that will be offering DDOS protection since they can simulate an easy attack and then mitigate. I want whom ever we go with to be able to handle what ever is thrown at them.
most all ddos simulator folks all sell their own version of a ddos mitigator appliance or ddos cloud services ... both has good and bad ddos mitigation features depending on the type of DDoS attacks you are defending against http://DDoS-Mitigator.net/Competitors - largest folks ( aka probably legit ) are probably akamai/prolexic, arbor networks, fortinet, incapsula, radware, etc as previously noted by others, legit corp will ask you for lots of legal paperwork for their "get out of jail card" for DDoS'ing your servers and all the other ISP's routers along the way that had to transport those gigabyte/terabyte of useless ddos packets imho, most ddos simulator folks will want to know what are you wanting to simulate .... there are easily, say 100,000 attack vectors ... - attack all your IP# - attack all ports on each IP# - various arp flood - various icmp flood - various udp flood - various tcp flood ( trivial to defend ) - attack specific vulnerabilities already found n not patched - there are proably thousands of apps that can be used to launch various DDoS attacks ... - volumetric icmp DDoS attacks and volumetric udp DDoS attacks will most likely take you offline ... almost nothing you can do to stop it, prevent it, block it, etc... your ISP has to do that for you or your ISP's larger peer has to get in there too you will want the ph# of the security guru at the ISP to help you resolve the issue i doubt any ddos mitigation will help you and more importantly, you probably will not want to pay $$$ to the ddos cloud scrubber to be removing xTB of udp or icmp DDoS attacks - if you're thinking of ddos attacks as "anything that is thrown at them" against webservers, mail servers, and ssh servers, that is only 3 ports out of 65,535 possible attacks there is "no such thing as anything that can be thrown at them" defending web servers, mail servers and ssh servers can be "script kiddie" trivially defended ... as long as it is properly patched and maintained and built to be defensible before you ask others to DDoS your servers, have you already patched apache/sendmail/ssh/openssl, kernels, etc, etc ddos attackers will be looking for your weakest link, usually login/pwd from outside wifi access points and home offices, hotel ethernet, etc there is almost zero benefit for volumetric 10TB or 20 TB of DDoS attacks we read about in the papers against large corp. the only defense is to build your own geographically separate colo in each major customer countries in asia, europe, usa, south america, etc usually the purpose of DDoS attacks is to take your servers offline or steal/copy/sniff info or hide in your network or launch other attacks these are easier ( script kiddie ) DDoS attacks and less likely to be noticed by your ISP of incoming "attacks" - sniff login/passwd from outside ( wifi, home office, etc ) - install keyboard sniffers - install other trojans ( virii, worm, etc ) endless list of attacks to simulate pixie dust alvin - http://DDoS-Simulator.net
On Mon, Jul 27, 2015 at 5:40 PM, lobna gouda <lobna_gouda@hotmail.com> wrote:
Hello David et Dan,
Are you going to perform the DDOS solution yourself, or you are looking for a company to provide a solution for you. Some companies perform an attack simulation for you before buying the product