Feb 27, 2009

White Paper: Simulating Distributed Denial-of-Service with BreakingPoint

by Alexander Karstens

Today we have released a new white paper that I've been working on entitled "Simulating Distributed Denial-of-Service with BreakingPoint". This paper describes how to configure your BreakingPoint product's Network Neighborhood to simulate the traffic profile normally associated with a DDoS attack and then outlines a number of DDoS attack scenarios. I've also provided a link below to a packaged version that includes product test cases to simulate the scenarios described in the paper.

Of the scenarios presented, there are several recent real-world analogies. For example, the group of HTTP scenarios in the paper is similar in nature to multiple DDoS attacks that were recently launched simultaneously against our very own HD Moore's Metasploit Project website, alongside other information security and hacking related websites. You can read his ongoing commentary from during and after the attacks on the Metasploit Blog, beginning with this post.

The last scenario discussed in the paper is one of my all-time favorite DDoSes from when I was focusing a lot of my research efforts within the scope of VoIP systems and technologies. I regularly employed the tactic outlined by this scenario to demonstrate how a DDoS attack can effectively fly under most network security devices' radar by avoiding the usual DDoS traffic model and by shifting the target of the attack from the technology itself to elsewhere. I won't ruin the surprise here; you'll have to download the paper to find out what I'm talking about...

Finally, some of the test cases were created via scripting within the BreakingPoint TCL interface, so the paper also provides an introduction to that topic as well as the TCL scripts themselves. Todd Manning has recently been blogging here on this topic, the posts for which you can find by browsing this blog using the "tcl" tag.

We invite you to take a look at the paper, which can be found here (PDF). The package which includes the paper as well as supporting materials such as test cases and TCL scripts can be found here.
