nanog mailing list archives

Re: DDOS Simulation

From: Brett Watson <brett () the-watsons org>
Date: Tue, 28 Jul 2015 21:28:02 -0400

On Jul 28, 2015, at 9:05 PM, jim deleskie <deleskie () gmail com> wrote:

If anyone offers to "test" your DDoS devices across a network that you do
not 100% own, you are risking legal issues.

If they offer to test it across your own network, make sure you have in
writing from you upper management that they understand the risk and approve
it.

If you choose to do it anyway then you are taking a LARGE risk.


Testing should be in your lab and even then you should understand 100% what
is happing to avoid leaking attack traffic into the internet.


in a previous job (we did ddos mitigation) customer asked all the time for simulation, and typically live across the 
internet. for all the reasons noted, we didn’t do it, but instead would do a lab/POC with pcaps replayed from previous 
attacks we had mitigated to show the customer how our platform worked, how we handled incident response, etc. 

agree with all comments about NOT doing it over the internet, that way lies madness.

-b

Current thread:

Re: DDOS Simulation, (continued)
- - - Re: DDOS Simulation alvin nanog (Jul 30)
    - Re: DDOS Simulation Valdis . Kletnieks (Jul 30)
- Re: DDOS Simulation alvin nanog (Jul 27)
  - Re: DDOS Simulation Pavel Odintsov (Jul 27)
    - Re: DDOS Simulation Valdis . Kletnieks (Jul 27)
    - Re: DDOS Simulation Pavel Odintsov (Jul 27)
    - Re: DDOS Simulation alvin nanog (Jul 27)
    - Re: DDOS Simulation Pavel Odintsov (Jul 28)
- Re: DDOS Simulation Ryan Pugatch (Jul 28)
  - Re: DDOS Simulation jim deleskie (Jul 28)
    - Re: DDOS Simulation Brett Watson (Jul 28)
    - RE: DDOS Simulation frnkblk (Jul 29)
  - Re: DDOS Simulation Damian Menscher via NANOG (Jul 28)