PaulDotCom mailing list archives

DDOS

From: bcg at struxural.com (Ben Greenfield)
Date: Thu, 22 Apr 2010 11:21:16 -0400

Just for clarification, are you saying that on a recent pentest the
testers performed DoS attacks?  Or just that they uncovered potential
vulnerabilities that create a greater exposure to DoS attacks?

If so, did you know in advance that an active DoS attack would be
include as part of the testing scope?

It's just not standard operating procedure in my world to perform a
DoS on a pentest, and in fact it's extremely taboo.

The only time we would ever perform DoS style attacks on a pentest is
if the client explicitly asked us to, and those requests are usually
just to help do load testing.



On Thu, Apr 22, 2010 at 3:37 AM, Karl Bailey
<karlrobertbailey at googlemail.com> wrote:

We had a recent pen test that highlighted allot of problems on our
infrastructure with DoS, things like slowaris causing issues, I've been
considering using iptables to limit the number of connections from a single
IP ... not allot of help with a DDoS, but would have saved us allot of grief
as the pen testing all came from 3 IP addresses, is there something a little
cleverererer iptables can do around dropping bad traffic?
Regards
Karl

On Tue, Apr 20, 2010 at 10:36 PM, Geoff Shukin <shukin at gsenterprises.biz>
wrote:


Hi!

I am curious to know what folks are doing to combat the issue of DDOS
attacks.? I have heard about solutions from Arbor and TopLayer but wonder if
they are effective.? Are there any other suggestions out there in PaulDotCom
land?

We have seen DDOS attacks against one of our websites (using a combination
of ICMP, TCP SYN and UDP flood attacks). Firewall stops the attacks in that
the web servers are ok but the firewall falls over with 100% CPU.

Thanks

Geoff

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com




-- 
--
Benjamin C. Greenfield, CISSP

bcg [at] struxural.com

Domains and Hosting for Less from Struxural:
http://www.struxural.com

Current thread:

DDOS Geoff Shukin (Apr 20)
- DDOS Butturini, Russell (Apr 21)
  - DDOS Geoff Shukin (Apr 21)
    - DDOS Butturini, Russell (Apr 21)
- DDOS Karl Bailey (Apr 22)
  - DDOS Ben Greenfield (Apr 22)
    - DDOS Karl Bailey (Apr 22)
    - DDOS Ben Greenfield (Apr 22)
    - DDOS Michael Dickey (Apr 22)
  - DDOS Joshua Smith (Apr 22)
- DDOS Huzeyfe Onal (Apr 22)