DDos within a pentest

["Julian Totzek" <julian.totzek () bristol de>]

Hi group,

within a pentest we trying to offer the possibility of a DDos Foold for our customers. I know there are many tools to 
do a flood from a single PC, but all of these tools just send as many syn's as the can. Does anybody know a tool where 
I'm able to limit the bandwidth? I don’t want to get a bandwidth overload, I just want to show that the server is not 
able to handle all the syn packets.

An other question is from where would I start such a attack? We only have a 2Mbit line here in the office, so if I need 
to flood a 10Mbit line there will not be enough packets to do this, right? Maybe there is a provider out there who 
already offers this service!

The third question is what will be the side effects if I send packets with spoofed sources? As you all know I don't a 
answer to my packets, but would it be a DDos to all spoofed sources then? How can you ensure that only the main target 
is getting flooded?


Best regards

Julian Totzek

THE BRISTOL GROUP Deutschland GmbH
Robert-Bosch-Straße 11
63225 Langen
Telefon +49 (0) 6103 20 55 300
Telefax +49 (0) 6103 70 27 87
Emergency Phone 0190/858 979 000 (1,86€/min)
julian.totzek () bristol de 
www.bristol.de 


HTTPS, HTTP, SMTP, IMAP, POP3 und FTP
Kostenloser 14-Tage-Test einer CP Secure Antivirus Appliance
http://www.bristol.de/testing.htm